帐号宽带帐号安全的威胁与防范方法（Threats and prevention methods of broadband account security）

宽带帐号安全的威胁与防范方法Threats and prevention methodsof broadband account security

Threats and prevention methods of broadband account securityOver the past year, broadband users in China have grown rapidly,and broadband has brought convenience to family users. However,security problems such as broadband account theft and otherissues have become increasingly prominent. Hackers stealingbroadband accounts for online consumption, making broadbandusers suffer economic losses, but also to the development ofbroadband in China has had a negative impact. Broadband usersshould raise awareness of network security, and to strengthenthe system, open ports, close sharing the correspondingtechnical measures to prevent hacking of computer, reduce oravoid due account theft losses.

T-INDENT: 2em ">

1, the emergence of problems

The development of broadband information communication hasbrought convenience to people, but also have some problems. Inrecent years, many China Telecom ADSL broadband usersunwittingly, unsuspecting case, the account was stolen afterplaying online games, Shanda Chongzhi QQ coins and otherconsumer when things happen. The author is ADSL broadbandmonthly users, in 2005 May the net cost of 100 yuan more thanjust a single "vent" cost. After many inquiries, found that the100 yuan from the joint vent SP (Service Provider serviceproviders) one of the "Tencent Technology Company Limited",

mainly for QQ account recharge consumption. By talking toconsumer QQ, he learned that he entered the ADSL account throughvent.

Vent is a landing feature for Telecom broadband account users.Broadband account user broadband account their access to ventservices website, do not need to enter the account name andpassword, simply click on the"vent YiDianTong"button, you canlogin security, and use vent partners to provide relatedproducts and services. Since it is safe login, and how can theaccount lost money thing?.

2, broadband account cost overruns cause analysis

At present, the telecommunications sector in order to preventthe user broadband account was stolen, have done a lot ofprevention in technology, such as broadband account and dialthe phone number tied together, and even broadband account andcomputer network card MAC address together, let the account canonly be used on a fixed computer or telephone lines and otherplaces not use the Internet bound account. Many users,especially for computer network security is not veryprofessional users think this is very safe, the account willnot be an easy job to do to steal, but that is not the case,if you do not have a good network security awareness, not tomake the necessary computer security, computer hackers caneasily invade your computer remote ADSL account, theft, or evensteal important information from your computer.

Computer hackers can use an even vulnerability invasion usercomputer open port and weak password. Hackers can access each

other through the network QQ (or direct access to IP) , use ofscanning tools (e.g. Superscan, X-scan) to scan the user' scomputer port and access to IP, and then run the clientconnection tool (e.g. ice 2.2) invade the user' s computer, aslong as your network is through a broadband account has beencalled, they can use vent' s "vent YiDianTong" function forremote direct consumption. Children and friends at home,through your ADSL account at home, can also use the"vent point"function to enter vent to order various services.

By providing can advance consumption"credit line"at least 100yuan for every vent broadband users, these hackers or thechildren at home would be free in the network in advanceconsumption, many users often only in the time of payment willfind themselves to pay for others.

3, broadband account security precautions

In view of the above situation, the author puts forward thefollowing preventive measures:

The cancellation of the vent account or cancel the credit limitBroadband users do not intend to use vent,

As soon as possible to the telecom business to apply forcancellation or landing vent website www.chinavnet. com, in"mystar" - "my account" --- "I want you" column for cancellation.If you f ind that your account has been stolen, modify your ADSLaccount password immediately and cancel all the orderedservices in the "vent" my "starry sky".

How to strengthen the system, to prevent hacking

Strengthen the system: to upgrade the operating system or patchto patch vulnerabilities; reduce the number of computeradministrators; set the security option does not display lastuser name; do not open unsolicited e-mail and software, do notreturn messages from strangers; use the computer to install thenecessary hacking software, firewall and anti-virus software,and keep updated regularly promptly killing computer virusesand Trojans, prevent hacking of computer. In general, we usesome powerful anti -Black software and software firewalls toensure our system security.

Strengthen the password: set the administrator passwordcorrectly (system boot password) andADSL password; letters andnumbers mixed arrangement, also contains many types ofcharacters, such as uppercase letters, lowercase letters,numbers and punctuation (@#, , , $,%&. . . ) the password shouldbe no less than 8 characters; disable the ADSL dial-up softwareand remember the password function, that is, uncheck the"remember password" item.

The limitation of open ports, prevent illegal intrusionBy restricting ports to prevent illegal intrusions, thecorresponding open ports are closed, such as 3389 ports. Inbrief, the mainmode of illegal invasion can be roughly dividedinto 2 kinds. (1) scan ports, through the known system Bug intothe host. (2) grow Trojan, use the back door that trojan opens,enter host. If we can limit these two illegal intrusions, we

can effectively prevent the illegal invasion of hacker tools.What' s more, the two illegal intrusions have one thing in common,that is, access to the host via the port. To prevent the blackwill close these dangerous ports, for individual users, you canlimit all ports, because you don't have to make your machineto provide any service to the outside; and to provide networkservices to foreign servers, we need to have to use the port(such as WWW, FTP port 21, port 80 the mail service port 25,

110) open, the other port is closed.

The 139port is theNetBIOS Session port, usedfor file and printsharing. It is worth noting that the UNIX machine running Sambais also open 139 ports, the same function. This port is one ofthe ports that hackers prefer to use. 139 port is closed in thenetwork and dial up connections "window" local connection"selected" Internet protocol (TCP/IP) into the "TCP/IP"attribute, advanced settings "option" WINS set "which has a"disable TCP/IP NETBIOS ", tick off 139 port. For individualusers, you can set the service property settings as "disable",so as not to restart the service when the next restart, the portwill also open.

3389 port, the network administrator can have Windows Serveror Windows XP to install it by remote computer management andmaintenance, hackers or illegal attackers can easily get theserver in the super administrator account. Methods closed atWindows in XP is: right click on my computer, select properties-- > will be inside the remote, remote assistance and remotedesktop two options box removing the hook. Methods closed atWin2000 in server is: Start -- > applications -- >managementtools -- > service found Terminal Services service, select

options will startup type tomanual, and the service is stopped.(the method is also applicable in XP)

4899 port is opened by a remote control software of the serverport, because the control software is powerful, so often usedby hackers to control their own chickens, and this kind ofsoftware will be killing anti-virus software, even safer thanthe back door. 4899 is not the system' s own services,

You need to install it yourself, and you need to upload theserver to the invading computer and run the service to achievethe purpose of control. So, as long as your computer has a basicsecurity configuration, it' s hard for hackers to control youthrough 4899.

For users using Windows 2000 or Windows XP, there is no needto install any other software, and you can use the TCP/IP filterfeature to restrict the server' s ports. The settings (closingmethod) are as follows: click start, control panel, networkconnection, local connection, right key, attribute, and thenselect Internet (tcp/ip) >attribute", . In the Internet (tcp/ip)properties dialog box, select advanced tab. In the advancedTCP/IP settings dialog box, select Options > TCP/IP Filter >properties", . Here is divided into 3 items, namely TCP, UDP,IP protocol. If I just want to open the system 21, 80, 25, 110of the 4 ports, as long as the "TCP port" check "only" and thenclick "add" in these ports are added to the inside, and thendetermine the. Note: after the modification, the system willprompt the restart, so that the settings will be effective. Inthis way, when the systemrestarts, you will only open the portsyou selected, and other ports will not open.

The default sharing, prohibit empty connection

Most of the current operating system used for Win XP homecomputer and Win2000 pro, the two default sharing provided bythe system (IPC$, C$, D$, ADMIN$) is the most love by hackersway, broadband users can run CMD net share to view the inputof the machine sharing, if there is abnormal sharing so, shouldbe closed. But sometimes when you close the sharing and appearagain next time, then you should consider whether your machinehas been controlled by the hacker or the virus.

You can use the net share default sharing default sharing/delete commands (such as net share C$/delete) , but this methodcloses when sharing after the next boot appeared again, so ifthe user is not in service sharing broadband LAN use, simply"local connection" property "and printer network file sharinguninstall fall, default sharing can completely shut down.Prohibit the establishment of connections is the first runningregedit, find the following key

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentContro lSe t\\Contro l\\LS

A] in the registry key RestrictAnonymous (DWORD) changed from0 to 1.

The use of intrusion detection means, to prevent intrusionThe most common trojan is usually between client terminal andserver communication based on TCP/UDP protocol, since use ofthese two protocols, it is inevitable to end in server (is aTrojan machine) open monitoring port for connection. We can use

the method of checking the open port of this machine to checkwhether we have been plantedwith a Trojan horse or other hackerprograms.

We use the Windows netstat command itself (with method usingnetstat?Query command) and the Windows2000 command-line toolfport, can effectively see the computer for open ports, andthrough some suspicious open ports run the program. Shuttingthese ports in time and deleting these suspicious programs canensure the security of the computer system more effectively.4, concluding remarks

Broadband Internet security problems, the existing broadbandoperators, Internet service providers and content providers inthe implementation of network security strategy design andtechnology, there are reasons for broadband users their safetyawareness and safety measures are not in place, and our networklegislation is lagging behind, no legal basis for the cause ofthe problem. To solve the security problems of broadbandInternet, it is necessary to work together in many aspects.Broadband users should improve their awareness of networksecurity, and adopt corresponding technical precautions, suchas strengthening the system, limiting open ports and closingshar ing,

To prevent hackers from hacking into computers, to reduce oravoid the economic losses caused by the theft of accounts.