Some basic commands can often play a big role in protecting network security. The following commands are very prominent.
Detecting network connections
If you suspect that a Trojan has been installed on your computer, or if you have a virus, but there is no perfect tool to detect if this is the case. , you can use the Windows network command to see who is connecting to your computer. The specific command format is: netstat -an This command can see all the IPs that are connected to the local computer. It contains four parts - proto (connection mode), local address (local connection address), foreign address (and local establishment). The address of the connection), state (current port state). With the details of this command, we can fully monitor the connection on the computer to achieve the purpose of controlling the computer.
We enter the following at the command prompt: netstat -a shows all ports currently open on your computer, netstat -s -e shows your network data in more detail, including TCP, UDP, ICMP And IP statistics and so on, you may have seen it. Have you ever thought about the knowledge of Vista, Windows 7 display protocol statistics and current TCP/IP network connections?
The netstat command is used as follows (hint: it is in the order of a-b) -
NETSTAT: Vista/Windows7 shows protocol statistics and current TCP/IP network connections. You can run netstat directly without parameters, as shown in the figure:
NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r ] [-s] [-t] [interval]
-a Displays all connections and listening ports.
-b Displays the executables involved in creating each connection or listening port. In some cases, known executables host multiple independent components, in which case
is the sequence of components involved in creating a connection or listening on a port. In this case, the name of the executable is at the bottom [], and the component it calls is at the top until it reaches TCP/IP. Note that this
item can be time consuming and may fail if you do not have sufficient privileges.
-e Displays Ethernet statistics. This option can be combined with the -s option.
-f Displays the fully qualified domain name (FQDN) of the external address.
-n Displays the address and port number in numeric form.
-o Displays the process IDs associated with each connection.
-p proto Displays the connection of the protocol specified by proto; proto can be any of the following: TCP, UDP, TCPv6 or UDPv6. If used with the -s option to display statistics for each protocol, proto can be any of the following: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-r Displays the routing table.
-s Displays statistics for each protocol. By default, statistics for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6 are displayed; the -p option can be used to specify the subnet to be recognized.
-t Displays the current connection uninstall status.
interval Redisplays the selected statistics, the number of seconds between pauses between displays. Press CTRL+C to stop redisplaying statistics.
Disabling Unknown Services
Many friends will find that the computer slows down after a system reboot. This time it is likely that others have opened up special after you invade your computer. Some kind of service, such as IIS information service. You can use "net start" to check what services are open in the system. If you find a service that is not open to you, we can disable the service in a targeted manner. The method is to directly enter "net start" to view the service, and then use "net stop server" to disable the service.
Easily check accounts
For a long time, malicious attackers liked to use a clone account to control your computer. The method they use is to activate the default account in a system, but this account is not used often, and then use the tool to promote this account to administrator privileges. On the surface, this account is still the same as the original, but this clone The account is the biggest security risk in the system. A malicious attacker can control your computer arbitrarily through this account. To avoid this, you can test your account in a very simple way.
First enter net user in the command line, check what users on the computer, and then use "net user + user name" to see what permissions this user belongs to, generally in addition to the Administrator is the administrators group, the other No! If you find that a system built-in user belongs to the administrators group, it is almost certain that you have been compromised, and someone else has cloned the account on your computer. Use "net user username /del" to delete this user!
1, first open the U master window, and then click Restore U disk. 2, then double-click the Computer
Although in many cases, we know that the w764 Ultimate download
1. Press the win+R shortcut key to open the computers running w
Before Xiaobian, I talked to everyone about Windows, in fact, installing Windows is not a simple ta
Explain the new features of Firewall under windows7
Windows 7 how to close the IE browser tab to prevent accidental shutdown
Win7 computer installed graphics card after the blue screen how to do
How to get file administrator authority for Win7 system
How do I delete a blank page in Word? How to delete Word blank page under Win7 system
How to restore the Win7 taskbar original size
Win7 desktop window intelligent display skills
Adjusting the Windows 7 taskbar preview window is too small
Win7 desktop background can not be changed how to do
When installing Win7, it prompts "Cannot install to this disk, has MBR partition table". How to do
Prevent data loss! Windows 7 guarantees "Ultrabook"
Why is the old line dropped when Win7 is downloaded? After a few days of testing,
LOL new hero Millennium found a major BUG postponed to the 5.20 version online
How does the Win8.1 system display the taskbar in the Modern application
Win10 uses QQ voice and video when the volume is too small, how to do
Is the Win10 Recycle Bin icon fixed to the taskbar? How about in the tray?
WindowsXP system startup failure ten strokes to solve
Iphone4 mobile phone wifi can not connect how to do
Win10 command prompt cmd where
How to use the u disk to install isowin7 original system