The Windows 2000 system has a large number of users, which leads to the top of the attacked system, but this does not mean that the security of Windows 2000 is not good at all. As long as it is reasonably configured and managed, it is safer. I am not using Windows 2000 for a short time. I have gradually found a little way to maintain its security. Here are some personal opinions and shortcomings. Please correct me.
Safety installation to minimize worries
Windows 2000 system security should be accumulated from the installation, but this is often overlooked. The following points should be noted when installing Windows 2000:
1, do not choose to install from the network
Although Microsoft supports online installation, but this is absolutely not safe. Do not connect to the network until the system is fully installed, especially the Internet! Don't even connect all the hardware to install. Because Windows 2000 is installed, after entering the password of the user administrator account <Administrator", the system will create a shared account of “$ADMIN”, but it does not protect it with the password just entered. This situation will always be Continue until the computer starts up again. In the meantime, anyone can enter the system through “$ADMIN” at the same time, the installation is complete, the various services will run automatically, and the server is full of loopholes, which is very easy to invade from the outside.
2, to choose NTFS format to partition
Preferably all partitions are NTFS format, because NTFS format partitions are more secure in terms of security. Even if other partitions use other formats (such as FAT32), at least the partition where the system is located should be in NTFS format.
In addition, the application should not be placed in the same partition as the system, so as to prevent the attacker from exploiting the vulnerability of the application (such as Microsoft's IIS vulnerability, you will not know it), causing system file leakage and even allowing the intruder. Get administrator rights remotely.
3, the choice of system version
We generally like to use the Chinese interface software, but for Microsoft things, due to geographical location and market factors, are first available in English, and then there are versions of other languages in other countries. . That is to say, the kernel language of the Windows system is English, so that its kernel version should be much less than the vulnerability in its compiled version. In fact, the Windows 2000 Chinese input method loopholes are soaring that everyone is obvious to all.
The above mentioned security installation can only reduce the worries, don't think that you can do it once and for all, there is still a lot of work waiting for you to do, please continue to look down.
Management factors to ensure system security
The system is not safe, don't blame the software itself, think about human factors! Here are some points to note from the administrator's point of view:
1, pay attention to the latest vulnerabilities, timely patch and install the firewall.
The administrator's responsibility is to maintain the security of the system and absorb the latest Vulnerability information, timely patching, is the easiest and most effective way to maintain system security. I recommend a good security site from abroad: ttp://www.eeye.com. At the same time, installing the latest version of the firewall is also a must, can help you. But remember: "The road is one foot high, the magic height is one foot", there is no absolute security, the patch will always follow the announcement of the vulnerability, fully believe that the system patch and firewall is not feasible!
2, it is forbidden to establish an empty connection, and it is forbidden to leave the door.
The hackers often use the sharing to attack. In fact, it is not a loophole. It is only a simple blame for the administrator's account and password, and it is forbidden. Good off!
This is mainly achieved by modifying the registry. The primary key and key values are as follows:
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\LSA]
RestrictAnonymous = DWORD:00000001
3. Prohibit management sharing< Br> In addition to the above, there is a ban together!
[HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControlSet \\ Services \\ LanmanServer \\ Parameters]
AutoShareServer = DWORD: 00000000
Previous 12 Next Read more