Shulou(Shulou.com)06/01 Report--

Windows operating system security and stability of the computer use method is what, for this problem, this article details the corresponding analysis and answer, hope to help more want to solve this problem of small partners to find a simpler and easier way.

Computers and networks have brought great convenience to our lives, but the security problems that follow are also endless. All kinds of Trojan viruses are rampant day by day, and the number of websites that hang horses is also growing rapidly. If our computers are in the middle of the trick, small ones will lead to some applications that cannot be used normally, and large ones will be stolen by hackers, such as bank account passwords, personal privacy information and other important content. At that time, it will be too late to make up for it.

Windows is currently the most used operating system, but the stability and security of Windows are very poor, recent time often can see Windows exposed vulnerabilities message, but also illustrates this point, for unknown vulnerabilities there is no really effective defense measures, but for Windows known vulnerabilities, in the installation of new systems the first time we should start to patch the system.

There are also many ways to patch the system. At present, most anti-virus software comes with some system maintenance tools. Therefore, we can directly use the maintenance tools provided by anti-virus software to check system vulnerabilities and patch them. Take Rising Kaka Security Assistant of Rising antivirus software as an example, scanning, downloading and installing patches are very simple, basically "fully automatic."

First of all, after opening Rising Card Security Assistant, select "Vulnerability Scanning and Repair" under the "Common" menu, and the software will automatically scan the system. The scan results will tell the user that there are several vulnerabilities in the current system, at which point click "Details."

vulnerability scan results

The list of scanned patches shows installation requirements, download progress (progress bar after download starts), risk level, vulnerability name, vulnerability profile, description and download link for all uninstalled patches. We can click on the "Download" link on the right side of each patch to download the patch separately, or we can directly select all patches and click "Fix Bug" to fix them.

Download and install patch files

We need to remind you that if the patch installation requirements show "exclusive," then the patch cannot be installed at the same time as other patches, and we need to download and install it separately.

The download speed of patches varies according to the networking situation of each computer. After all patches are downloaded, they will be installed automatically without manual operation. So even if you have a lot of patches to install on your computer, you don't have to stay by your computer all the time.

When you see the prompt text of "end of bug repair," it means that Kaka Security Assistant has completed the bug repair work. At this time, you can scan the computer again and see that there is no bug prompt message.

No useless components

In addition to system vulnerabilities, there are many other security threats in Windows that also require our attention.

Do not install useless components

When Windows is installed, we are prompted to select which components to install. Generally speaking, those components that are not used for a while should not be installed as much as possible. For example, for ordinary users who do not intend to set up personal sites and are unlikely to debug ASP scripts on their local computers, there is no need to install Internet Information Services (IIS) for Windows 2000/XP, and external attacks such as.PRINTER,.IDQ,.IDA, WEBDEV, etc. can be avoided.

If IIS is already installed on your computer, you can uninstall it.

First open the Control Panel and select Add or Remove Programs-Add/Remove Windows Components to open the Windows Components Wizard.

Windows Components wizard

Remove the check mark from Internet Information Services (IIS) and select Next.

deleting IIS

In this case, IIS was removed from Windows.

Choose a safe file format

NTFS file format is the best choice for Windows 2000/XP users. Because both from the file retrieval speed, system resource permissions control point of view, NTFS is obviously better than FAT system.

We can click the right mouse button on the disk partition in NTFS format, select "Properties" from the pop-up menu, and you will see that the disk properties in NTFS format have a "Quota" tab, through which users can set the access rights of each user in the system to the logical disk in detail.

NTFS file format Quotas option

Disk information in FAT32 file format cannot set disk quotas.

FAT32 file format

Custom System Services

Windows 2000/XP provides many services for users after normal startup, but most users do not need all of them. Obviously, redundant services only add to system load and instability. We can right-click "My Computer-Manage" on the desktop and select "Services and Applications-Services" in the left window of the interface that opens. Here we can turn off unnecessary services to improve system stability, security and speed up the system.

Turn off unwanted services

In particular, several high-risk services such as Remote Registry Service and Telnet must be stopped.

Double-click the items and set them to Manual or Forbidden in the open window.

Disable high-risk services

Custom default account

We said that all default, are not safe, at least the system account is like this, let alone now most friends use the password is poor, use empty password users are not a few. What matters is that given a username, passwords are theoretically hard to escape brute-force cracking.

Right-click "My Computer-Administration" on the desktop, and then select "System Tools-Local Users and Groups" in the left window of the interface that opens. Then rename the Administrators account under Users or Groups.

Renaming Administrators Account

For those users who come with the system and we don't use it, it's best to set passwords to avoid being exploited by malicious programs or attackers.

Set password for Guest

Customize security logs and audit policies

Before a disaster strikes, we can make a lot of preparations to avoid disaster, but we must not forget to consider what we should do if disaster really strikes. For system hardening, we also need to be fully prepared, and logging and auditing policies are specifically for this work. Note that the operating system does not turn on any security audits by default!

Click Start-Run, type Gpedit.msc and press Enter to expand Computer Configuration-Windows Settings-Security Settings-Local Policies-Audit Policies in the open Group Policy window.

audit policy

Then double-click "Audit Account Management" in the right window, select all the check boxes before "Success" and "Failure", and then "OK" to exit.

audit account management

Use the same method to set "login event,""policy change,""system event,""account login event" to "success" and "failure," and set "object access,""privilege use" and "directory service access" to "failure."

Next, in Account Policy-Password Policy, set Password Complexity Requirements to Enabled; Minimum Password Length to 6 digits; Mandatory Password History to 5 times; Maximum Lifetime to 30 days.

set password policy

In Account Policy-Account Lockout Policy, set Account Lockout to 3 false logins; Lockout Time to 20 minutes; Reset Lockout Count to 20 minutes.

In fact, the whole system reinforcement process does not seem complicated, but we have to remind everyone that the system is safe or unsafe, stable or unstable, all care about the operator's mentality, you attach importance to it, always pay attention to it, and find corresponding solutions to some new problems in time.

In addition, timely upgrade anti-virus software, anti-virus software virus library is always up-to-date, will undoubtedly play the best protection of system security.

About the Windows operating system security and stability of the computer use method is how to share the answer to the question here, I hope the above content can be of some help to everyone, if you still have a lot of doubts not solved, you can pay attention to the industry information channel to learn more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.