Windows Server 2008 has been launched for many years. Compared with other traditional systems, Windows Server 2008 is indeed more powerful in terms of security protection, in terms of security and stability. Deeply loved by users. Therefore, we only need to be good at using the security features of this system, we can achieve security protection goals well. Now let's talk about the powerful security protection function of Windows Server 2008.
1. Limit the use of Thunder for malicious downloads
When multiple people use the same computer to work together, it is definitely not desirable for ordinary users to use Thunderbolt tools for malicious downloads. The disk space resources of the local system are wasted, and the bandwidth resources of the local system are also greatly consumed. In the Windows Server 2008 system environment, there are many ways to restrict ordinary users from using Thunderbolt tools for malicious downloads. For example, you can use the new advanced security firewall function of Windows Server 2008 system, or limit the download port to achieve the above control. Purpose, in fact, in addition to these methods, we can also skillfully use the system's software restriction strategy to achieve this goal, the following is the specific implementation steps of the method:
First login to Windows with system administrator privileges Server 2008 system, open the system's "Start" menu, select the "Run" command from the system, in the pop-up system run text box, enter the "gpedit.msc" keyword command to enter the corresponding system group Policy Console window;
Next, at the left side of the console window, select “Computer Configuration”/“Windows Settings”/“Security Settings”/“Software Restrictions Strategy & rdquo; option while right-clicking on the option and executing the shortcut In the "Create Software Restriction Policy" command;
Then in the corresponding area of the "Software Restriction Policy" option, double-click the "Force" group policy item to open the settings dialog. In the box, select the “All users except local administrators” option, and keep the default settings. Click the “OK” button to end the above setting operation;
Software restriction policy & rdquo; under the node "Other rules" option, then right-click the group policy option, from the pop-up shortcut menu, click the "New Path Rule" command, the settings that appear after it In the dialog box, click the “Browse” button to select the Thunder download program, and set the “Security Level” parameter corresponding to the application to “Don't Allow”, and finally click the “OK” button to execute. Parameter setting save operation;
Restart Windows Server 2008 system, when the user logs in to the system with normal rights account Ordinary users can not use normal Thunder malicious program downloaded, but when we enter the local computer system to a system administrator, you can still run properly Thunder program free to download.
2, refused to hide the network virus in temporary files
Now the virus on the Internet is crazy, some network viruses in order to avoid the killing of anti-virus software, often try to find ways I hide myself in the system temporary folder, so that even if the anti-virus software finds a network virus, it can't help it, because the anti-virus software has no right to the system temporary folder. In order to prevent network viruses from being hidden in the system temporary folder, we can set the software restriction policy of Windows Server 2008 system according to the following operations:
First open the Windows Server 2008 system "Start” menu, from the midpoint Select the "Run" command, in the pop-up system run dialog box, enter the group policy edit command "gpedit.msc", click the "OK" button to enter the corresponding system's Group Policy console window; Br>
Next, at the left side of the console window, select “Computer Configuration”/“Windows Settings”/“Security Settings”/“Software Restriction Policies”/“ Other rules & rdquo; option, right-click this option, and execute the "New Path Rule" command in the shortcut menu to open the settings dialog; click on the "Browse" button to pop up the file from In the selection dialog box, select and import the temporary folder of the Windows Server 2008 system, and then set the security level & rdquo; parameter & Ldquo; & rdquo ;, finally allowed to click & ldquo; OK & rdquo; button to save the good operation of the set, so to network viruses in the future can not hide the file to a temporary folder in the system.
3, prohibit illegal ping attacks from the external network
We know that clever use of the Windows system's own ping command, you can quickly determine the network connectivity of an important computer in the LAN; However, while the ping command brings us practicality, it is also easily exploited by some malicious users. For example, if a malicious user continuously sends a ping command test package to an important computer by means of a professional tool, the important computer system cannot test all the tests. The package responds, which is prone to paralysis. In order to ensure the stability of the Windows Server 2008 server system, we can modify the group policy parameters of the system to prohibit illegal ping attacks from the external network:
First login to the Windows Server 2008 server system as a privileged identity, Click the “Start”/“Run” command on the desktop of the system. In the pop-up system running dialog box, enter the string command <;gpedit.msc”, click the Enter key to enter the corresponding The console window of the system;
Next select the "Computer Configuration" node option in the list on the left side of the console, and select "Windows Settings" and "Security Settings" from the target node. ”,“Advanced Security Windows Firewall>,“Advanced Security Windows Firewall——Local Group Policy Object”option, then use the mouse to select the "inbound rule" item; 12 next page total 2 pages
Since win2008 is used as a server, the security issue has always been emphasized by win2008. In orde
As a service-oriented win2008 system, its security and stability can be said to be comparable with w
According to the news on September 10, MSDN and TechNet subscribers can already dow
Recently, a friend is asking how to migrate the server? Migration server is a must-
Windows2008R2 changes the desktop icon has a coup
How to solve the old audit failure problem of win2008 system log
Open the specific steps of win2008 network access protection
Detailed application of Win2008 initial configuration task function
Easy to achieve Windows Server 2008 shared high-speed access cheats
Win2008 Bluetooth driver assembly tutorial
Forced potential! win2008 optimization small coups to share
Win2008 dual system virtual memory sharing method
Explain the use of Windows 2008 trigger features
How to solve the problems with the password win2008?
Xp system tips: Prevent changes to desktop settings
Microsoft official Windows 8.1 official version download entry came out
Linux more command using tutorial
Ending Windows 7 with the command prompt to specify the process
Win7 blue screen error code 0x0000005A how to solve
Where is the itunes backup file
How to repair system win10? Win10 repair system graphic tutorial
Windows 7 uses credential manager to increase access speed
Win8.1 Microsoft Pinyin Sets the operation method of fuzzy sound
Win10 system update Realtek sound card driver timeout prompt error 0x000005b4 how to do?