1, IPC null connection is prohibited.
Hackers can use the netuse command to establish a null connection and then invade, as well as netview and nbtstat, which are all based on null connections. Just no empty connections. Open the registry, find local _ machinesystemcurrentcontrolsetcontrolsa-restrictive anonymous and change the value to "1".
2, prohibit arbitrary command
Cookies often give you a Trojan horse to run, and then he needs to be in command. Open Administrative Tools-Services and disable the taskscheduler service.
3. Turn off HyperTerminal services
If it is opened, this loophole will be rotten.
4. Close the SSDPDiscoverService service.
This service is mainly used to start UPnP devices on home network devices, and the service will start 5000 ports at the same time. It may cause DDOS attacks, make the CPU utilization rate reach 100%, and then lead to computer crash. It stands to reason that no one will bother to do DDOS on a personal machine, but this application process also takes up a lot of bandwidth, and will continue to send packets to the outside world, which will affect the network transmission rate, so it is better to turn it off.
5. close the RemoteRegistry service.
Just look at it, allowing remote modification of the registry? !
6. Disable NetBIOS over TCP/IP.
My Network Places-Properties-Local Area Connection-Properties -Internet Protocol (TCP/IP) Properties-Advanced -WINS Panel -NetBIOS Configuration-Disable NetBIOS over TCP/IP. So hackers can't use nbtstat command to read your NetBIOS information and MAC address of network card.
7. Close the DCOM service.
This is port 135. In addition to being used as a query service, it may also lead to direct attacks. The key to closing this port is to enter dcomcnfg at runtime, select the default property label in the pop-up component service window, and cancel "Enable Distributed COM on this machine".
8. Change the permission of * * * to enjoy files from the "owner" group to "authorized users"
"Everyone" in win2000 means that anyone who can access your network can get these * * * enjoyment materials. Don't configure * * * users who enjoy files to the "Everyone" group at any time. Including printing * * *, the default attribute is "everyone" group, don't forget to change it.
9. Cancel other unnecessary services.
Please decide for yourself according to your own needs. The following are the minimum services required by the HTTP/FTP server as a reference:
Event log
License recording service
windows ntlmsecuritysupportprovider
Remote procedure call (RPC) service
windows ntserverrwindows ntworkstation
IISAdminService
MSDTC
WorldWideWebPublishingService
Protected warehouse
10, modify TTL value.
Crackers can roughly judge your operating system according to the TTL value of ping back, such as:
TTL = 107(WINNT);
TTL = 108(win 2000);
TTL= 127 or128 (win9x);
TTL=240 or 241(Linux);
TTL = 252(Solaris);
TTL = 240(Irix);
In fact, you can modify it yourself:
HKEY _ Local _ Machine System Current Control Settings Service
Parameter: defaultttlreg _ dword 0-0xff (decimal 0-255, the default value is 128) is changed to an inexplicable number, such as 258. At least those rookies will be stunned for a long time, so you may not give up the invasion.
1 1, account security
First of all, ban all accounts except yourself, hehe. Then rename the administrator. As for me, I set up an administrator account conveniently, but it is the kind without any authority. Then I opened my notebook, knocked it, copied and pasted it into the "password". Hehe, let's crack the password! I didn't know it was a low-level account until I broke it. See you collapse?
12. Suppress the display of the last logged-in user.
HKEY _ Local _ Machine Software Microsoft WindownntCurrentVersionWinlogon: Dontdisplaylastusername Change this value to 1.
13, delete the default * * *
Someone asked me what it was like to enjoy all the disks as soon as I turned them on, but after I changed them back, I enjoyed them again when I restarted. This is the default * * * enjoyment configured by 2K for management, and must be cancelled by modifying the registry:
HKEY _ Local _ Machine System Current Control Settings Service
Parameter: AutoShareServer type is REG_DWORD, just change the value to 0.
14. Disable LanManager authentication.
Windows NT Server Service Pack 4 and subsequent versions support three different authentication methods: LanManager(LM) authentication; WindowsNT (also known as NTLM) authentication; Windows operating system
Yuexiang card network is busy. What if I try again later?
1. Local network configuration problem:
Local network configuration issues, including local dns server configuration, browser configuration, etc. , if the configuration is incorrect, it usually leads to the error message "The server is busy, please try again later".
The solution is to correctly configure local dns and browser-related options according to the situation of accessing the server. For example, check the option "Use HTTP 1. 1 through proxy connection" and the option "Allow running or installing software even if the signature is invalid" in the browser Internet options.
For another example, if you are playing a game, or you get the error message "The server is busy, please try again later" when logging in to a certain software or website, we can set the public * * * free dns server addresses of the corresponding telecom and netcom lines in the local DNS server according to the network cable of the game server or software server, which can better avoid the situation of "The server is busy, please try again after the sale".
2. The server exceeds the number of connections in Dalian, reaching the peak, and the response is delayed:
The reason why the server is busy, please try again after sale is mainly related to the resource allocation of websites, games or software servers. Any server, whether it is a virtual server (VPS) or a physical server, has limited resources such as CPU, memory and network. When the number of concurrent requests, that is, the number of people online at the same time exceeds the maximum number and peak value supported by the server resource configuration, it will cause the server to delay responding to the user's request, and at the same time issue a prompt phenomenon of "The server is busy, please try again later".
The solution is: follow the prompts for the user and try again later. Of course, for example, playing games, we can also choose to log in to the game server when there are few online people to avoid the online peak, which can well avoid the busy server;
For the server operation and maintenance personnel, it is possible to optimize the server software and hardware environment or upgrade the server resource configuration to avoid the situation that "the server is busy, please try again later".
3. The server is attacked by CC/DDos;
Any network server condition may be the cause of the attack. Similarly, the frequent occurrence of "the server is busy, please try again later" may also be because the server is attacked by traffic such as CC/DOS/DDOS.
The solution is: for users, there is only one way, and that is to wait! When the attack stopped, the operation and maintenance personnel effectively solved the attacked problem and the server returned to normal;
For server operators or administrators, it is a good way to check, solve and handle server attacks. You can also choose high-performance servers such as fast cloud VPS and fast cloud server, or value-added services such as fast cloud protection and effective prevention of CC/DDOS attacks to avoid server attacks. In any case, the server security protection and monitoring software needs to be configured and often paid attention to.
4. Update and upgrade of server-related applications:
This reason is very common in games or software servers. Of course, some web application servers are frequently updated and upgraded. That is to say, the game, software or application needs to be updated, or the update is being upgraded, and the extra response service of the server is turned off, so the prompt "The server is busy, please try again later" appears.
The solution is: for users, of course, wait, or consult the relevant official customer service, or browse the corresponding official announcement.