MQT s6 BI¥N pHAp KYTHU~TDE~ CHE RID RO ANToAN THONG TIN KHI sir DVNG Hi DIEU IIANH WINDOWS XP SAU mOl DIEM MICROSOFT NGUNG HO TRQ 1. Tbong tin cbung 1.1. H~ c1i~ubanb Window XP ' H~ di8u h8nh Windows XP (Windows XP) .cuahang Microsoft duQ'cra m!t vao ngay 25/10/2001 la mQt dong h~ di8u hanh (lIDH) d8nh cho cac may tinh ca nhan, h6 trQ' bQvi xUly 32 bit va 64 bit. Day duQ'Ccoi hi h~ diSu hanh duQ'c sir d\ll1grAtph8 bi8n cua hang Microsoft va ciing la th8 h~ h~ diSu hanh k8 t\1ccUa ca cac phien ban h~ diSu h8nh Windows 2000 Professional va Windows Me. Windows XP ban 32 bit duQ'c cung cAp kem theo goi c~p nh~t moo nhAt la Service Pack 3(SP3) va Windows XP ban 64 bit duQ'ccung cApkem theo goi c~p nh~t m6i nhAt la Service Pack 2 (SP2), cac goi c~p nh~t nay cu~g cApnhiSu tinh nang bao m~t b8 sung so v6i phien ban Windows XP ban dAu. Hang Microsoft da:cong b5 chinh thuc se ngimg h6 trQ'Windows XP vao ngay 8/4/2014. Sau thOi diem nay,-cac may tinh dang cai d~t Windows xP v§n co the ti8p Wc sir d\ll1g, c~p nh~t ban va da co. Tuy nhien bang Microsoft .se ngimg cac dich V\lsau: -H6 trQ' ky thu~t cho nguOi sir d\ll1g, - Dich V\l tv dQng c~p nh~t (bao g8m cac ~an va an toan thong tin) cho Windows XP, - Dimg cung cdp phAn mSm bao v~ an toan thong tin Microsoft Security Essential d8nh cho Windows XP (cac may tinh da: cai phdn mSm nay se co the ti8p t\1csir d\ll1g va c~p nh~t du li~u tir Microsoft them mQt tho; gian nua). 1.2. Anh btr01lg c1~nngU'Oisir dyng kbi kbong duQ'c ti~p tyc h8 trQ' Do con mQt s5 luqng Ian may tinh ~i Vi~t Nam v§n dang sir d\ll1g Windows XP nen vi~c Microsoft chb dUt h6 trQ'h~ di8u hanh nay se gay nhUngaM huang Ian t6i nguo; sird\ll1g,d~cbi~ttrong khia c~ an toan thong tin. Day la vAndS rAtnghiem trQngvi tir nam 2008 d8n nay, Microsoftciingda: 1
6
Embed
MQT s6 BI¥N pHAp KY THU~T DE ~ CHE RID RO AN ToAN … · 2014-05-08 · MQT s6 BI¥N pHAp KY THU~T DE ~ CHE RID RO AN ToAN THONG TIN KHI sir DVNG Hi DIEU IIANH WINDOWS XP SAU mOl
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
MQT s6 BI¥N pHAp KYTHU~TDE~ CHE RID RO ANToANTHONG TIN KHI sir DVNGHi DIEU IIANH WINDOWS XP SAU
mOl DIEM MICROSOFT NGUNG HO TRQ
1. Tbong tin cbung
1.1. H~ c1i~ubanb Window XP '
H~ di8u h8nh Windows XP (Windows XP) .cua hang Microsoft duQ'cra m!t
vao ngay 25/10/2001 la mQtdong h~ di8u hanh (lIDH) d8nh cho cac may tinh canhan, h6 trQ' bQvi xU ly 32 bit va 64 bit. Day duQ'Ccoi hi h~ diSu hanh duQ'c sir
d\ll1grAtph8 bi8n cua hang Microsoft va ciing la th8 h~ h~ diSu hanh k8 t\1ccUaca cac phien ban h~ diSu h8nh Windows 2000 Professional va Windows Me.
Windows XP ban 32 bit duQ'c cung cApkem theo goi c~p nh~t moo nhAt la
Service Pack 3(SP3) va Windows XP ban 64 bit duQ'ccung cApkem theo goic~p nh~t m6i nhAt la Service Pack 2 (SP2), cac goi c~p nh~t nay cu~g cApnhiSutinh nang bao m~t b8 sung so v6i phien ban Windows XP ban dAu.
Hang Microsoft da:cong b5 chinh thuc se ngimg h6 trQ'Windows XP vao
ngay 8/4/2014. Sau thOi diem nay,-cac may tinh dang cai d~t Windows xP v§n
co the ti8p Wc sir d\ll1g, c~p nh~t ban va da co. Tuy nhien bang Microsoft .sengimg cac dich V\lsau:
-H6trQ' ky thu~t cho nguOi sir d\ll1g,
-Dich V\l tv dQng c~p nh~t (bao g8m cac ~an va an toan thong tin) choWindows XP,
-Dimg cung cdp phAn mSm bao v~ an toan thong tin Microsoft SecurityEssential d8nh cho Windows XP (cac may tinh da: cai phdn mSm nay se co the
ti8p t\1csir d\ll1gva c~p nh~t du li~u tir Microsoft them mQt tho; gian nua).
Do con mQt s5 luqng Ian may tinh ~i Vi~t Nam v§n dang sir d\ll1gWindows XP nen vi~c Microsoft chb dUt h6 trQ'h~ di8u hanh nay se gaynhUngaM huang Ian t6i nguo; sird\ll1g,d~cbi~ttrong khia c~ an toanthongtin. Day la vAndS rAtnghiem trQngvi tir nam 2008 d8n nay, Microsoftciingda:
1
timg phai cung c~p tren 600 hu6ng dfut,ban va khac OOaude kh~c ph\lc cac l6ian t08.nthong tin cho Windows XP.
Tir thvc tS do, sau thai diem tren kha nang tiSp 1\lcphat hi~n ra cac diemySu an t08.nthong tin mai cua Windows XP la khong the .lo~i trir va di8u do thet~o ra cac 16h6ng an t08.nthong tin cho phep tin ~c cin cong gay h~i, an c~pho~c lam hu hong dii' li~u, lay OOi~mphfut m8m ma dQ~ho~c th~ chi cu6pquy8n di8u khiSn may tiOOtrai phep. Va Microsoft cilng da canh bao, cac phfutm8m anti-virus thong thuang khong du kh a nang de b ~o dam an t08.n khiWindows XP bQc lQdiem ySu. ,
Nhu v~y nguai sir d\lllg Windows XP dUngtmac hai S\!,lVachQn:
a) Nang c~p h~ di8u hanh: thay thS Windows XP bfutg cac h~ di8u hanhmai duQ'ch6 trQ't6t han (cua hang Microsoft ho~c cac hang khac ke ca h~ di8uhanh ngu6n ma da duQ'cBQ Thong tin va Truy8n thong khuySn cao). Bay laphuang an cO'ban trong dai h~ OOungdoi hoi phai bao dam cac di8u ki~n: chiphi dAutu de mua s~m va cai d~t h~ di8u hanh, phfut m8m h~ th6ng, cac Ungd\lllg, thiSt bi phfutcUngcho tuang thich; dao t~o va hu6ng dfutsir d\lllg cho moitmang mai, thai gian de thvc hi~n chuyen d6i moi truang.
b) TiSp1\lcsir d\lng Windows XP: phuang an nay co the ap d\lllg trong mQtthai gian hQ'Ply (my theo m\lc dich, hi~u qua sir d\lng) khi chua co du cac di8u
ki~n thvc hi~n phuang an tren. Nguai sir d\lllg phai tang cuang ap d\lng cac bi~!lphap bao dam an t08.nthong tin va phong ch6ng rlii roo1910ngkhuySn cao sird\lllgObi~n phap nay trong cac tmang hQ'Pco yeu cAubao m~t an t08.nthong tincao.
2. MQt sA bi~n phap kY thu~t cAn chu y
Tmac tiOOhiOOthvc tS OOutren, Trung tam VNCERT khuySn cao ca~ t6
chilc, ca OOanmQt s6 bi~n phap ky thu~t cfut luu y de bao dam an t08.n thong tin
khi nang c~p h~ di8u hanh ho~c tiSp 1\lc su d\lllg cac may tiOOvai Windows XP.
2.1 Rao dam an toan khi nang cAp h~ di~u hanh
Khi co quan, t6 chilc tiSn hanh nang c~p ho~c cai d~t mai h~ di8u hanh de
thay thS Windows XP cfut chu y cac bi~n phap kYthu~t sau:
Buac 1: Kiem tra ky cac di8u ki~n truac khi nang c~p
- Kiem tra va bao dam tioo tuang thich cua cac phfut m8m h~ th6ng va cac
Ung d\lllg d6i vai h~ di8u haOOdv kiSn se nang c~p.
2
- KiSm tra, bao dam tinh tUO'llgthich va yeu cAutBi thiSu cua thiSt bi phAncUngdBivai h~ diSu hanh dv kiSn se nang c~p.
Tham khao cac thong. tin yeu cAutBi thiSu vS phAn cUng cua phien banWindows 7, Windows 8 t~i dia chi Internet:
Tham khao yeu cAu phAn cUng dBi vai cac phien ban h~ diSu hanh mangu6n ma Linux nhu Ubuntu va Fedora t~i dia chi Internet: .https://help.ubuntu.com/ community/Instalration/SystemR~quirements va
b. ThiSt l~p chS dQ bflo dam an toan thong tin cho h~ th6ng may tiOO
Windows XP trong qua trinh su d\lllg v~ hanh:
- Su d\lllg tuang lua dugc tich hgp s§n tren h~ diSu hanh, kSt hgp v6i tuang
lua cua h~ th6ng m~g dB quan ly truy c~p tir cac may tiOOkhac too may tiOOcua
mlOOva ngugc l~i. Vi~c thiSt l~p tuang lua phfli bflo dam yeu cdu chi cho phep
cac dich V\l dugc phep su d\lllg ma c6ng ra ben ngoai, dong to~ bQ cac c6ngdich V\lkhong cdn thiSt.
, , ,
- Ga bi>ho~c tat cac dich V\lkhong dUng den ho~c it dUng, trong do d~cbi~t chu ycac dich V\lcho phep kSt-n6i ben ngoai: Netmeeting Remote Desktop
Sharing, Remote Desktop, Remote Registry, Routing & Remote Access, SSDPDiscovery Service, Universal Plug and Play Device Host, Telnet V.v...
- Trong truang hgp b~t bUQc phfli kSt n6i qufln tri tir xa, khong kSt n6i tr1!c
tiSp too cac dich V\lcho phep quan tq h~ diSu hanh tir xa OOudich V\lRemoteDesktop. Trong truang hgp nguffi su d\lllg cdn phfli quan tq may tinh tir xa thi
cdn su d\lllg kSt n6i gian tiSp su d\lllg giao thuc hB trg ma hoa, bflo m,~tOOuVPN, SSH v.v...
c. Tham khflo ap d\lng gifli phap bflo dam an toan thong tin cho WindowsXP "VKT Total Security" cua cong ty Vi~t KiSn T~o.
Gifli phap cua cong ty Vi~t KiSn T~o cho phep bflo v~ may tiOOsu d\ll1g
Windows XP khi>iaM huang cua ma dQcva cac Sl!c6 khac d~ dSnmfttan toanthong tin, gifliphap nay cung cftpco ba nhom tiOOnang chiOOsau:
- VKT Internet Security (VIS): Ch6ng ma dQc xam OO~pqua duanginternet.
b. Thi8t l~p tai khoan ngmJi dUngvm quySn th~p nh~t, chi vira du dS ph\lcV\l cong vi~c theo dung chuc nang, nhi~m V\l duQ'cgiao. Quan ly va d~t m~tkhAuan toan cho cac tai khoan m~c dinh Administrator va Guest. Co thS vo hi~u
hoa tai khoan Guest khi khong su d\lng.
c. Khong su d\ll1gtfli khoan co quySn quan tq (Administrator) khi khong
cfut thi8t dS giflm kha nang lay nhiSm ma dQcvao h~ thang. Chi su d\l11gquySnquan tri khi cai d~t, gO-b6, c~u hinh thay d6i thong tin vS h~ thBng v.v. . .
d. B~t chuc nang ghi nh~t kYho~t dQngdS theo doi va giam sat ho~t dQngsau: Account logon events, Account management, Logon events, Object access,Policy change, Privilege use, System events.
e. V0 hi~u hoa chuc nang chia se tfli nguyen m~~ dinh cho mQt sB phan
vUng va dich V\l bao g6m: C$ D$ E$, ADMIN$, FAX$, IPC$, NetLogon,PRINT$.
g. T~t b6 cac tinh nang tg dQngch~y trng d\ll1gkhi k8t nBi vai thi8t bi luu
tm ngoai (vi d\l the nha ngoai giao ti8p qua c6ng USB) dS giain nguy ca lay Ian
ma dQcthong qua vi~c saDchep thong tin. Trong truCmghQ'Pcfutthi8t nguai sud\ll1gco trinh dQky thu~t co thS ~o phan vUng (partition) rieng dS ghi, luu dfr
li~u nhung cb ch~y cac t~p tin th\lc thi tren phan vUng nay, bi~n phap nay secho phep ngan can th\lc thi cac t~p tin co chua ma dQc.
h. Cai d~t va dinh kY c~p nh~t dfr li~u cho phfut mSm Antivirus va thUCmg
xuyen su d\ll1gphfut mSm nay dS kiSm tra va phat hi~n ma dQC.
i. SU d\lng cong C\l "Tcpview.exe" dS kiSm tra va phat hi~n cac k8t nBim~ng b~t thuCmgill may tinh cua minh ra cac dia chi l~ ben ngoai m~g va su
d\lng cong C\l"procexp.exe" dS kiSmtra cac ti8n trinh l~ sinh ra trong khi may
5
tinh khai dQng ho~c khong sir d\ll1g. Hai cong C\l nay dugc tich hgp trong bQ
cong C\l"Sysinternals Suite" do hang Microsoft cung c~p t~i dja chi Internet: