Quote:
Cele303 says:
Why wouldn't he allow it? Even if he doesn't allow it, he'll just delete your post... Go ahead and post that script, I'm really curious what you've come up with!
Here it is:
Attack: The lame attack which will use the password screensaver to hack your admin account.
Defence: Go to: Start-run-regedit
HKEY_USERS - .Default – Control Panel – Desktop (single click here)
SCRNSAVE.EXE – double click and set value: none
ScreenSaveActive – double click and set value: No
Attack: Someone who brute-forces your admin password must know the username first. The default username for the administrator account is Administrator. Make the username different and that way protect yourself a little more from the brute-forcing technique against your admin account
Defence: Change the default username:
Start – Control Panel – Administrative Tools – Computer Management
Local Users and Groups – Users – Right click Administrator and rename
Attack: If you have the guest account turned on, although it is limited, it offers an attacker some possibilities to find out your administrator password
Defence: Start – Control Panel – Administrative Tools – Computer Management
Local Users and Groups – Users – Guest – right click and then properties - check Account is disabled checkbox
Attack: Someone can easily exploit Remote Desktop finding your password and then have full remote control over your system
Defence: Disable Remote Desktop:
Right click My Computer – Remote
Clear the checkbox from the Allow users to connect remotely to this computer
Attack: Someone can access your computer through Remote Assistance even if you don’t allow him
Defence: Disable Remote Assistance
Right click My Computer – Properties – Remote – uncheck the Allow Remote Assistance invitations to be sent from this computer checkbox
Attack: Someone can access your shared files and find out if you have some sensitive information
Defence: Start – Control Panel – Network Connections – double click Local Area Connection – General – Properties – clear the File and Printer Sharing for Microsoft Windows checkbox
Attack: If something confidential like usernames and passwords is stored in your pagefile, someone who has broken into your computer can easily access it
Defence: Start- Run – regedit
HKEY_LOCAL_MACHINE – System – CurrentControlSet – Control – Session Manager – Memory Management (one click here)
Double click ClearPageFileAtShutdown and set it to value 1
Attack: Someone can use your dump file to access some confidential information
Defence: Start – Control Panel – System – Advanced – Startup and Recovery section – Settings
Write Debugging Information drop-down box – None
Attack: Someone can access your file sharing documents and find out sensitive information about you and maybe your account
Defence: Disable Simple File Sharing:
My Computer – Tools – Folder Options – View – Use simple file sharing
Attack: If you have an unused web server, someone can easily exploit it and gain remote access to your computer
Defence: Start – Control Panel – Add or Remove Programs – Add/Remove Windows Components
Uncheck the checkbox Internet Information Services (IIS)
Attack: Someone can exploit the hosts file on your computer
Defence: Modify the hosts file
My Computer – C:\ - Windows – System32 – Drivers – Etc - look at the file named hosts
Create a new line and type your IP 127.0.0.1, then a space and the website you want to block
Attack: Even if you show extensions, some very common extensions will not show. This can allow the attacker to trick you with his double-extension files
Defence: Start – run – regedit
Then click Edit – Find and type: NeverShowExt. Delete all registry keys that contain this name (there are more than 10). To continue searching the registry, press F3
Attack: Someone can give you a VBScript file and infect your computer
Defence: Disable VBScript files:
My Computer – Tools – Folder Options – File Types – VBS Extension
Besides VBS, do this for the following extensions:
JS, JSE, VBE, WSF
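The two registry items from the post above, ClearPageFileAtShutdown and NeverShowExt, can be checked offline against the text of a `reg export` file. This is an added example, not part of the original post: the sample export and the finding labels are constructed, and NeverShowExt is matched as a value name under file-class keys, which is how it is stored in the registry.

```python
import re
# Constructed sample of `reg export` output (not taken from a real machine).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
"ClearPageFileAtShutdown"=dword:00000000

[HKEY_CLASSES_ROOT\lnkfile]
@="Shortcut"
"NeverShowExt"=""

[HKEY_CLASSES_ROOT\piffile]
"NeverShowExt"=""

[HKEY_CLASSES_ROOT\VBSFile]
@="VBScript Script File"
'''
MEM_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management"
KEY_RE = re.compile(r'^\[(.+)\]$')                    # "[HKEY_...\SubKey]" header
VAL_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')  # "Name"=data or @=data

def parse_reg(text):
    """Return {key_path: {value_name_lowercased: raw_data}} from .reg text."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
        elif current is not None and (m := VAL_RE.match(line)):
            name = "" if m.group(1) == "@" else m.group(1)[1:-1]
            current[name.lower()] = m.group(2)  # value names are case-insensitive
    return keys

def audit(keys):
    """Report unhardened settings; only keys present in the export are checked."""
    findings = []
    for path, values in keys.items():
        if path.lower() == MEM_KEY.lower():
            m = re.fullmatch(r"dword:([0-9a-fA-F]{1,8})",
                             values.get("clearpagefileatshutdown", ""))
            if not m or int(m.group(1), 16) != 1:   # missing, malformed or not 1
                findings.append(("pagefile-not-cleared", path))
        if "nevershowext" in values:                # extension hidden for this class
            findings.append(("extension-always-hidden", path))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_reg(SAMPLE_REG)):
        print(*finding, sep=": ")
```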