如何保护自己的电脑 ip 不让别人攻击掉线（How do you protect your computer IP from being dropped）

如何保护自己的电脑 ip 不让别人攻击掉线（How do you protect your computer IP from being dropped） 如何保护自己的电脑 ip 不让别人攻击掉线(How do you protect your computer IP from being dropped) How do you protect your computer IP from being attacked? Some people will say that attack you IP let you drop he implemented after you really lost how to do reward points: 100 - to solve time: 2009-1-10 22:35 he said on QQ UT that let you drop off for a while you tell me how to deal with him is my IP. I can't change the fixed do not always let him get ah If I am an Internet cafe, it is impossible to install firewalls in every station. Is there any other good way?: You see, it might be useful to you. Cancel folder to hide share If you use the Windows 2000/XP system, right click the C or other disk, choose to share, you will be surprised to find that it has been set to "share this folder in the" network neighborhood "can't see the content, how is this going on? Originally, by default, Windows 2000/XP will open all partitions hidden shared from the control panel / management tools / computer management "window to select" system tools / share / share ", you can see each disk partition name behind with a" $". But as long as the type the computer name or IPC$", the system will ask the user name and password, unfortunately, most of the individual users Administrator password is empty, the intruder can easily see the C content, the network security has brought great hidden danger. How do you eliminate default sharing? The method is very simple, open the registry editor, enter "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetSevicesLanmanworkstationparameters", a new name "AutoShareWKs" double byte value, and its value is "0", and then restart the computer, this share was canceled. Two, refuse malicious code Malicious web pages have become one of the biggest threats to broadband. Modem was used before because it was slow to open pages, shut down malicious web pages before being fully opened, and avoided the possibility of being caught. Broadband is now so fast that it can easily be attacked by malicious web pages. Malicious web pages are generally destructive because they are written in malicious code. These malicious code is equivalent to some small programs, as long as the opening of the web page will be run. Therefore, to avoid malicious web attacks, as long as the prohibition of the operation of these malicious code on it. Run the IE browser, click "tools /Internet options / safety / custom level, the security level is defined as" security level high "," ActiveX controls and plug-ins in the second, third set to "disabled", the other is set to "tip", then click "ok". After this setting, when you use IE to browse web pages, you can effectively avoid malicious web pages malicious code attacks. Three, seal hacker's back door" As the saying goes "There are no waves without wind.", since hackers can enter the system, there must be open for them, as long as the "back door" blocked the back door, so that hackers no place to start, there is no menace from the rear! 1. cut out unnecessary agreements For servers and hosts, it's enough to just install the TCP/IP protocol. Right click the network neighbor, select properties, right-click the local connection, select properties, and uninstall unnecessary protocols. Among them, NETBIOS is the root of many security flaws. For those hosts that do not need to provide file and print sharing, they can also close the NETBIOS that is bound to the TCP/IP protocol and avoid attacks against NETBIOS. Select the "TCP/IP protocol / property / advanced", enter the advanced TCP/IP settings dialog box, select the WINS tab, tick the disable TCP/IP on NETBIOS, and close NETBIOS. 2. close file and print sharing" File and print sharing should be a very useful feature, but it's a good security hole for hacking when you don't need it. So, without the need for "file and print sharing", we can turn it off. Right click the network neighbor, select properties, and then click the file and print sharing button to remove the hook in the two check boxes in the pop-up file and print share dialog box. Although the file and print share is closed, there is no guarantee of security, and the registry must be modified to prevent it from changing file and print sharing". Open the registry editor, select the "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesNetWork" key, new types of DWORD keys in the key, the key is called "NoFileSharingControl" key to "1" said the ban function, so as to achieve the prohibition to change the file and print sharing ";" 0 "key allows this function. In this "network neighbor" property dialog box, "file and print sharing" no longer exists. 3. disable the Guest account There are many intrusions through this account to further access the administrator password or permissions. If you don't want to give your computer to someone else as a toy, it's forbidden. Open the control panel, double-click the user and password, click the Advanced tab, and then click the advanced button to eject the local user and group window. Right click on the Guest account, select properties, and select "the account is disabled" on the "general" page". In addition, the Administrator account name change can prevent hackers know their own administrator account, which will largely guarantee computer security. 4. prohibit the establishment of empty connections By default, any user can connect to the server via an empty connection, enumerate the account number, and guess the password. Therefore, we must prohibit the establishment of empty connections. There are two ways: Method one is to modify the registry: open the registry "HKEY_LOCAL_MACHINESystemCurrentControlSetControlLSA", the DWORD value "RestrictAnonymous" key to "1" can be. Finally, I suggest you put your own system patches, Microsoft those endless patches are still very useful! Four, hide the IP address Hackers often use some network detection technology to check our host information, the main purpose is to get the IP address of the host in the network. IP address is a very important concept in network security, if the attackers know your IP address, is ready for his attack, he can ask the IP to launch a variety of attacks, such as DoS (denial of service) attack, Floop overflow attack etc.. The primary way to hide IP addresses is to use proxy servers. Compared with the direct connection to Internet, the use of proxy servers can protect the IP address of Internet users, thus ensuring Internet security. The principle of the proxy server is the client (user computer) and remote server (such as the user wants to access remote WWW server) set up between a "station", when a client request to a remote server, proxy server first intercept the user's request, and the proxy server will service request to the server. In order to achieve between the client and the remote server connection. Obviously, after the proxy server is used, other users can only detect the IP address of the proxy server, not the IP address of the user, thus realizing the purpose of hiding the user's IP address and ensuring the security of the user's Internet access. There are many websites offering free proxy servers, and you can also find them yourself using proxies, hunters, and other tools. Five, turn off unnecessary ports A hacker often scans your computer's ports during an invasion. If the port monitor (such as Netwatch) is installed, the monitor will have a warning prompt. If you encounter this kind of intrusion, software tools available to close the port, for example, to provide web service 80 and 443 port closure with "Norton Internet Security", some other commonly used ports can be turned off. Six, replace the administrator account Administrator accounts have the highest system privileges, and once the account is used, the consequences can be disastrous. One of the common ways of hacking is to try to get the password for the Administrator account, so we have to reconfigure the Administrator account. The first is to set up a strong and complex password for the Administrator account, then we rename the Administrator account, and then create a Administrator account with no administrator privileges to cheat the intruder. As a result, it is difficult for intruders to figure out which accounts have administrator rights and, to some extent, reduce the risk. Seven, to prevent the invasion of Guest accounts The Guest account, known as the guest account, has access to the computer but is restricted. Unfortunately, Guest also opened convenient ways for hacking! There are many articles on how to use Guest users to get administrator privileges, so we must put an end to the system invasion based on Guest accounts. It's best to disable or completely delete Guest accounts, but in some cases you have to use Guest accounts, you need to do defensive work in other ways. First, set up a strong password for Guest, and then specify the access rights of the Guest account to the physical path. For example, if you want to prevent Guest users can access the tool folder, right-click the folder, select the "security" tab in the pop-up menu, can be seen from all users can access this folder. Delete all users except administrators. Or set permissions for the appropriate user in the permissions, For example, you can only list folders, directories, and read, so that's much safer. Eight. Install the necessary security software We should also install and use the necessary software in computer hacking, antivirus software and firewall is necessary. Open them on the Internet so that even when hackers attack, our security is guaranteed. Nine, to prevent Trojans Trojan horse program will steal useful information embedded in the computer, so we have to prevent hackers implanted Trojan horse, the commonly used method is: When downloading files, first put them in your own new folder, and then use antivirus software to detect and play the role of preventing in advance. In the "start", "program", "start", "start", "start", "program", "Startup", see if there are any unknown running items, if so, delete them. ? all the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run in the registry under the "Run" prefix for all suspicious procedures can be deleted. Ten, do not return to strangers mail Some hackers may be posing as some formal website name, user name and password and then make a highfalutin reason to send a letter to you to ask you to enter the Internet, if you press the "OK", your account number and password into the hacker mailbox. So don't just return a stranger's mail. Even if he says it sounds good, he won't be fooled. Do a good job of IE security settings ActiveX controls and Applets have strong functions, but there are also hidden dangers that are exploited. Malicious code in a web page is often a small program written using these controls. As long as the page is opened, it will be run. Therefore, to avoid malicious web attacks, only prohibit the operation of these malicious code. IE provides a wide variety of options for this. The settings are: Tools > Internet Options > Security > Custom levels, and you are advised to disable ActiveX controls and related options. There is nothing wrong with being careful! In addition, in the IE security settings, we can only set Internet, local Intranet, trusted sites, restricted sites. However, Microsoft to hide the "my computer" safety set here, by modifying the registry to the options open, so that we can have more choices in dealing with the control of ActiveX and Applets, and have a greater impact on the local computer security. The following is the specific method: open the "Start Menu" run ", in the pop-up" run "dialog box, enter the Regedit.exe, open the registry editor, click the" + "in front of the number expanded to: HKEY_CURRE-NT_USER\Software\Microsoft\Windows\ CurrentVersion\InternetSettings\Zones\0, DWORD find the value of" Flags "on the right side of the window, the default key value is sixteen hexadecimal 21 (33 decimal), click" Flags "in the popup dialog box will its value to" 1 "then, close the registry editor. No need to restart the computer, restart the IE, click Tools > Options Internet Security tab again, see the "my computer" icon you will, here you can set the security level of it. Set its security level higher, so that the prevention is more stringent. Next scheme: If it's fixed, IP. Then you can choose the proxy server. Because the attack against QQ is UDP. Even firewalls are useless. Of course, the premise is that you want to pull him into the blacklist and then change the agent