As a The server Administrators , You should know the harmfulness of server poisoning and how to deal with it after server poisoning , First, install anti-virus software , Antivirus in safe mode . At ordinary times, we should pay attention to strengthening the awareness of anti-virus , Do a good job of prevention in advance, such as ： Update virus library , Kill virus regularly , Update patches regularly 、 Back up data regularly .

Today, Feifei mainly shares with you several solutions to strengthen server security , I hope I can help you ~

Scheme 1 ： Use a strong login password , Avoid weak password , And change the password regularly

1、 High strength password ：8 Above position , Use capital letters + Lowercase + Numbers + Symbol （ give an example ：CWidc02@！#￥@）
2、 Do not use weak passwords ： As the name suggests, weak password means that there is no strict and accurate definition , It is generally believed that passwords that are easy to be guessed by others or cracked by cracking tools are weak passwords （ give an example ：123456;abcdefg;admin）
3、 Change password regularly ： The normal system login password needs to be in 3-6 Change the password once a month
4、 In addition, if there are multiple servers in the organization, you must not use the same password , In this way, if one server falls, other servers will also be poisoned
5、 Try not to open DMZ Host or desktop mapping function , Avoid computers IP Burst and leak on the public network

Option two ： Enforce password policy through group policy , Stop when the number of errors reaches a certain number

1、win+r Turn on run , Input gpedit.msc

2、 Computer settings —Windows Set up — Security Settings — Account Strategy — Account locking strategy ”, Then go to... In the right pane “ Account lock threshold ” term , The number of failed login attempts of the user can be set here , The value is 0 To 999 Between , The default is 0 Indicates that the number of logins is unlimited , We can change it to 3 or 10.（ After setting up , You can also set the time of account locking ）

3、 Note after modification ： When the number of times a user tries to log in to the system and enters the wrong password reaches a certain threshold, the account will be locked automatically , Before the account lock expires , This user will not be able to use , Unless the administrator manually unlocks .

Option three ： Turn off unnecessary ports

Such as ：445、135,139 etc. , Yes 3389 The port can be configured with a white list , Only those in the white list are allowed ip Connection landing

1、 First, right-click the taskbar network icon , choice “ Open the network and Sharing Center ” Click in the lower left corner of the network and sharing center “Windows A firewall ”

2、 stay Windows Click... In the firewall “ Advanced settings ”, Click on the top left corner “ Inbound rules ”, Then select the new rule in the upper right corner

3、 Rule type click port , Select next

4、 stay “ Specific local port ” Input in “445”, Click to go to the next step , Then select... In the operation “ Block connection ”, Click to go to the next step

5、 Click to go to the next step , Click Finish to finish the 445 Port closure , Similarly, other ports can be disabled in the same way

Option four ： Use 360 Safety guard “ Black proof reinforcement ” Turn off file sharing 、admin$ Manage sharing 、 Remote service, etc

1、 open 360 The security guard searches at the top right “ Black proof reinforcement ” Open this tool

2、 Prompt detection after opening , Click on “ Detect immediately ”

3、 The inspection results will prompt relevant reinforcement suggestions , Follow the recommendations , Can effectively protect against attack

Summary

Through the above four methods , Can effectively protect the server from remote attacks , If you are worried that your computer or the company's computer will be attacked, then quickly set the protection manually according to the above methods