Win2003 data execution protection opening and closing methods and setting techniques

  
first talk about the role of data execution protection, this is Microsoft's explanation: Data execution protection can help protect your computer from viruses and other security threats. These viruses and threats attempt to launch (execute) malicious code from a protected memory location to launch an attack, and only Windows and other programs should use these locations. This threat performs a corrupt operation by taking over one or more memory locations that the program is using. It then spreads, destroying other programs, files, and even your email contacts. Unlike firewalls or antivirus programs, DEP does not help prevent unwanted programs from being installed on your computer. Instead, it monitors your programs to determine if they can safely use system memory. To perform monitoring operations, the DEP software can run either independently or in conjunction with a compatible microprocessor, marking certain memory locations as “unexecutable”. If the program attempts to run the code from a protected memory location (whether it is malicious code or not), DEP will close the program and send you a notification. DEP can take advantage of software and hardware support. To use DEP, your computer must be running Microsoft Windows XP Service Pack 2 (SP2) or higher, or Windows Server 2003 Service Pack 1 or higher. DEP software can help protect against certain types of malicious code attacks when run independently, but to take full advantage of the protection that DEP can provide, your processor must support the “execute protection” feature. Execution protection is a hardware-based technique for marking memory locations as "unexecutable". If your processor does not support hardware-based DEP, it is best to upgrade it to a processor that provides execution protection. In fact, we generally do not use it, because our processor does not support DEP (data execution protection), in general, you can close it, so as to avoid the occurrence of memory can not be "rd"; READ & rdquo;. However, on some servers, it is still useful for a webmaster. . First, the method of closing: Right-click "My Computer", select Properties, switch to "Advanced", in the startup and recovery, click "Settings" and then click "Edit", in fact, also edit Your boot.ini file operating systems] multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS=”Windows Server 2003, Enterprise" (will be changed here) /execute /fastdetect [operating systems] multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS=”Windows Server 2003, Enterprise” /execute /fastdetect Same. If it is turned on. Just change that to [operating systems] multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS=”Windows Server 2003, Enterprise” /noexecute=optin /fastdetect Save and exit. It will be OK to restart. . . Data Execution Prevention (DEP) helps prevent corruption from viruses and other security threats that can be exploited by running (executing) malicious code on memory locations that should only be used by Windows and other programs. This threat can be compromised by taking over one or more memory locations being used by the program. It then spreads and damages other programs, files, and even email contacts. Unlike firewalls or antivirus programs, DEP does not prevent harmful programs from being installed on your computer. However, it monitors the program to determine if the program uses system memory safely. To this end, the DEP software can work independently or in conjunction with a compatible microprocessor to mark certain memory locations as "not executable". If a program attempts to run malicious or non-malicious code from a protected location, DEP closes the program and notifies you. DEP can take advantage of software and hardware support. To use DEP, your computer must be running Microsoft Windows XP with Service Pack 2 (SP2), Microsoft Windows Server 2003 with Service Pack 1 (SP1), or an x64-based version of Windows Server 2003 or Windows XP operating system. Using DEP software alone can help prevent certain types of malicious code attacks, but to take full advantage of the protection provided by DEP, the processor must support “execute protection”. This is a hardware-based technology designed to mark memory locations as "unexecutable". If your processor does not support hardware-based DEP, it is best to upgrade to a processor that provides execution protection. How to set: To open “System Properties", click “Start”, point to “Set">, click “Control Panel", and then double-click “System”. Click the “Advanced" tab, under "Performance", click “Set”. Click the “Data Execution Protection” tab. Select the first option " Enable data execution protection only for critical Windows programs and services. Of course you can also choose the second option and then add unprotected programs.
Copyright © Windows knowledge All Rights Reserved