Clever use of netstat command to help win7 system more secure

1, check account

Some malicious attackers will use the method of cloning account to control your computer arbitrarily, in order to avoid this situation Occur, we can use the following method to detect the account.

The method is: first enter netuser in the command prompt window, then look at some users on the computer, and then use “netuser+username” to see what permissions this user belongs to, the general administrators group only Administrator If the user is found to have another user in the administrators group, your computer has been compromised and the account has been cloned. You can delete this user using “etuser username/del”.

2, disable the unknown service

Many systems restart the computer will find that the speed is slower, this time it is likely that someone else has invaded your computer and opened a special service, For example, IIS information service, etc., then we can use "netstart" to see which services are open in the system. If you find that the service is not open, you can disable the service by directly in the command prompt window. Enter “etstart” to view the service, then use “netstopserver” to disable the service.

3, test network connection

If you suspect that your computer is poisoned or someone else has a Trojan, you can use the netstat command to detect who is connected to your computer. The specific command format is: netstat-an. This command can see the details of all IPs connected to the local computer, including localaddress (local connection address), foreign address (and local connection connection), proto (connection mode), and state. (current port status), so this command can be used to fully monitor the connection on the computer.

The specific operation method is: open a command prompt window and enter: netstat-a to display all ports currently open by your computer. Netstat-se displays detailed information about your network, including TCP and UDP. , ICMP and IP statistics, etc.