Shulou(Shulou.com)06/02 Report--

This article mainly introduces the closure of the registry can not prevent worms, the text is very detailed, with a certain reference value, interested friends must read!

Closing the registry is not an effective worm prevention strategy. Security measures to prevent worms: 1. Open a personal firewall;2. Check the accounts used by this machine, delete unnecessary accounts, and use complex passwords for necessary accounts;3. Update security patches to prevent attacks based on vulnerabilities;4. Regularly check whether there are suspicious items in the service, process, and registry.

The worm spreads as follows:

Step 1: Scan. The scanning process is to scan the host with a scanner to detect the operating system type, version, host name, username, open port, open server software version, etc. of the host.

Step 2: Attack. There are two general types of attacks. One is an attack that exploits vulnerabilities. If the operating system information returned by scanning or some software information is a version with vulnerabilities, then the corresponding permissions can be obtained directly with the attack code for the vulnerability. The other is based on file sharing and weak key attack, this attack needs to guess the user password according to the collected information, the general worm has a test empty password, simple password, and known password is the same password and other mechanisms. Guessing the correct password gives you control of the remote host.

Step 3: Copy. Replication is actually a process of file transfer, which is to use file transfer protocols and ports for network transmission.

To protect your computer from local area network worm attacks and infections, we recommend that users take the following basic security measures:

1, open personal firewall: according to the application situation and for a certain type of virus, set some protocols, ports, procedures, intrusion detection and other protection rules, the protection effect will be better;

Try to close unwanted file sharing. In addition to user-defined shared files, Windows operating systems generally have C$, D$,ADMIN$, IPC$and other default shares. Remove these shared attributes, and virus files cannot be copied locally;

Enforce password policy. Check the accounts used by this machine and delete unnecessary accounts. Use complex passwords for required accounts;

4. Apply all security patches of the operating system in a timely manner to prevent vulnerabilities based attacks;

Regularly check whether there are suspicious items in the service, process and registry, and close or delete unnecessary services or startup items in time.

Above is "close registry can prevent worm virus" all content of this article, thank everybody's reading! Hope to share the content to help everyone, more relevant knowledge, welcome to pay attention to the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.