There are more and more attacks from the network. Some malicious web pages will take advantage of the security vulnerabilities of software or system operating platform, support the automatic execution of code programs by executing Java Applet, JavaScript scripting language program and ActiveX software component interaction technology embedded in the HTML markup language of web pages, and forcibly modify the user's operating system registry and system practical configuration program, so as to achieve the purpose of illegally controlling system resources, destroying data, formatting hard disk and infecting Trojan horses.
At present, there are two kinds of attacks by hackers on web pages: one is to modify IE browser through edited script programs; The other is to directly destroy the Windows system. The former usually modifies the title bar and default homepage of IE browser, and there are many articles about this. Here are some ways to prevent the black hand of web pages that destroy Windows system.
One of the black hands, formatting the hard disk
This is a very dangerous web hacker. It will execute ActiveX components through IE and call Format.com or Deltree.exe to format the hard disk or delete the folder. After being infected with such destructive programs, a message prompt box will appear, prompting: "The current page contains incomplete ActiveX, which may cause you harm. Do you want to carry it out? Yes,No. If you click Yes, the hard disk will be quick format. All this is running in the background, which is not easy to be detected.
Note: Change the name of the Format.com or Deltree.exe command of this machine. In addition, don't answer "yes" easily to inexplicable prompting questions. You can press [CTRL+ALT+DEL] in the pop-up Close Program window to stop the execution of unconfirmed processes.
The second black hand runs out of system resources.
This kind of web hacker will execute a Java script code, generate an infinite loop, consume local system resources continuously, and eventually lead to system crash. They will appear in some malicious websites or email attachments. As long as you open the attachment program, countless IE windows will appear on the screen, and finally you have to restart the computer.
Preventive measures are: don't easily enter strange websites, and don't casually open attachments in emails sent by strangers, such as files with extensions of VBS, HTML, HTM, DOC and EXE.
The third black hand, illegally reading files.
This black hand can read local files by calling ActiveX, JavaScript and WebBrowser controls. It can also take advantage of browser vulnerabilities to read local files. Avoiding this attack can turn off the JavaScript function that disables the browser.
The fourth black hand, gain control authority.
This kind of black hand will happen when executing Actives with IE. Although IE provides the function of "downloading the signed ActiveX control", malicious attack code will bypass IE, download and execute the ActiveX control program without prompting, and then the malicious attacker will gain control of the system. If you want to shield such a black hand, you can open the Registry Editor and expand the following branches:
[iduba_page]
The solution is to create a new CLSID-based key value {6e 449683 _ C509 _ 165438} for the active installation control under the compatibility of HKEY _ local _ machine software Internet Explorer ActiveX. +0CF_AAFA_00AA00 B60 15C}, and then create a key Compatibility of REG_DWORD type under the new key value, and set the key value to 0x00000400.
For all kinds of attacks from the network, while raising awareness of prevention, we also need to do a good job in prevention:
1, set the security level.
Since many attacks are realized by including malicious scripts, the level of IE can be improved. Execute the Tools/Internet Options command in IE, then select the Security tab, select the Internet and click the [Custom Level] button. In the security settings dialog box, select all relevant options in ActiveX controls, plug-ins and scripts, and set the security level to high. It should be noted that if "Disable" is selected, some websites that need to use ActiveX and scripts may not be displayed normally.
2. Filter the specified web pages
For some web pages containing malicious code, you can block them, execute the Tools /Internet Options command, select the Content tab, click the Enable button in Content Rating, open the Content Rating dialog box, select the Permission Sites tab, enter the URL to block, click the Never button, and then click the OK button.
3. Uninstall or upgrade WSH
Some viruses and worms compiled with VBScript, such as "I love you" and "Newlove", all contain an attachment with VBS as the suffix. After opening the attachment, the user will be infected. These viruses will be started and run by using the Windows Script Host (WSH) embedded in Windows. In other words, if WSH is disabled, viruses hidden in VB scripts cannot be activated.
Disable WSH in Windows 98, open Add/Remove Programs, select Windows Settings/Accessories, click Details, cancel the Windows Script Host option, and click OK when finished.
The way to disable WSH in Windows 2000 is to double-click my computer icon, then execute the Tools/Folder Options command, select the File Type tab, find the VBS VBScript script file option, click the Delete button, and finally click OK.
Besides,