6
MQT s6 BI¥N pHAp KYTHU~TDE~ CHE RID RO ANToAN THONG TIN KHI sir DVNG Hi DIEU IIANH WINDOWS XP SAU mOl DIEM MICROSOFT NGUNG HO TRQ 1. Tbong tin cbung 1.1. H~ c1i~ubanb Window XP ' H~ di8u h8nh Windows XP (Windows XP) .cuahang Microsoft duQ'cra m!t vao ngay 25/10/2001 la mQt dong h~ di8u hanh (lIDH) d8nh cho cac may tinh ca nhan, h6 trQ' bQvi xUly 32 bit va 64 bit. Day duQ'Ccoi hi h~ diSu hanh duQ'c sir d\ll1grAtph8 bi8n cua hang Microsoft va ciing la th8 h~ h~ diSu hanh k8 t\1ccUa ca cac phien ban h~ diSu h8nh Windows 2000 Professional va Windows Me. Windows XP ban 32 bit duQ'c cung cAp kem theo goi c~p nh~t moo nhAt la Service Pack 3(SP3) va Windows XP ban 64 bit duQ'ccung cApkem theo goi c~p nh~t m6i nhAt la Service Pack 2 (SP2), cac goi c~p nh~t nay cu~g cApnhiSu tinh nang bao m~t b8 sung so v6i phien ban Windows XP ban dAu. Hang Microsoft da:cong b5 chinh thuc se ngimg h6 trQ'Windows XP vao ngay 8/4/2014. Sau thOi diem nay,-cac may tinh dang cai d~t Windows xP v§n co the ti8p Wc sir d\ll1g, c~p nh~t ban va da co. Tuy nhien bang Microsoft .se ngimg cac dich V\lsau: -H6 trQ' ky thu~t cho nguOi sir d\ll1g, - Dich V\l tv dQng c~p nh~t (bao g8m cac ~an va an toan thong tin) cho Windows XP, - Dimg cung cdp phAn mSm bao v~ an toan thong tin Microsoft Security Essential d8nh cho Windows XP (cac may tinh da: cai phdn mSm nay se co the ti8p t\1csir d\ll1g va c~p nh~t du li~u tir Microsoft them mQt tho; gian nua). 1.2. Anh btr01lg c1~nngU'Oisir dyng kbi kbong duQ'c ti~p tyc h8 trQ' Do con mQt s5 luqng Ian may tinh ~i Vi~t Nam v§n dang sir d\ll1g Windows XP nen vi~c Microsoft chb dUt h6 trQ'h~ di8u hanh nay se gay nhUngaM huang Ian t6i nguo; sird\ll1g,d~cbi~ttrong khia c~ an toan thong tin. Day la vAndS rAtnghiem trQngvi tir nam 2008 d8n nay, Microsoftciingda: 1

MQT s6 BI¥N pHAp KY THU~T DE ~ CHE RID RO AN ToAN … · 2014-05-08 · MQT s6 BI¥N pHAp KY THU~T DE ~ CHE RID RO AN ToAN THONG TIN KHI sir DVNG Hi DIEU IIANH WINDOWS XP SAU mOl

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

MQT s6 BI¥N pHAp KYTHU~TDE~ CHE RID RO ANToANTHONG TIN KHI sir DVNGHi DIEU IIANH WINDOWS XP SAU

mOl DIEM MICROSOFT NGUNG HO TRQ

1. Tbong tin cbung

1.1. H~ c1i~ubanb Window XP '

H~ di8u h8nh Windows XP (Windows XP) .cua hang Microsoft duQ'cra m!t

vao ngay 25/10/2001 la mQtdong h~ di8u hanh (lIDH) d8nh cho cac may tinh canhan, h6 trQ' bQvi xU ly 32 bit va 64 bit. Day duQ'Ccoi hi h~ diSu hanh duQ'c sir

d\ll1grAtph8 bi8n cua hang Microsoft va ciing la th8 h~ h~ diSu hanh k8 t\1ccUaca cac phien ban h~ diSu h8nh Windows 2000 Professional va Windows Me.

Windows XP ban 32 bit duQ'c cung cApkem theo goi c~p nh~t moo nhAt la

Service Pack 3(SP3) va Windows XP ban 64 bit duQ'ccung cApkem theo goic~p nh~t m6i nhAt la Service Pack 2 (SP2), cac goi c~p nh~t nay cu~g cApnhiSutinh nang bao m~t b8 sung so v6i phien ban Windows XP ban dAu.

Hang Microsoft da:cong b5 chinh thuc se ngimg h6 trQ'Windows XP vao

ngay 8/4/2014. Sau thOi diem nay,-cac may tinh dang cai d~t Windows xP v§n

co the ti8p Wc sir d\ll1g, c~p nh~t ban va da co. Tuy nhien bang Microsoft .sengimg cac dich V\lsau:

-H6trQ' ky thu~t cho nguOi sir d\ll1g,

-Dich V\l tv dQng c~p nh~t (bao g8m cac ~an va an toan thong tin) choWindows XP,

-Dimg cung cdp phAn mSm bao v~ an toan thong tin Microsoft SecurityEssential d8nh cho Windows XP (cac may tinh da: cai phdn mSm nay se co the

ti8p t\1csir d\ll1gva c~p nh~t du li~u tir Microsoft them mQt tho; gian nua).

1.2. Anh btr01lg c1~nngU'Oisir dyng kbi kbong duQ'c ti~p tyc h8 trQ'

Do con mQt s5 luqng Ian may tinh ~i Vi~t Nam v§n dang sir d\ll1gWindows XP nen vi~c Microsoft chb dUt h6 trQ'h~ di8u hanh nay se gaynhUngaM huang Ian t6i nguo; sird\ll1g,d~cbi~ttrong khia c~ an toanthongtin. Day la vAndS rAtnghiem trQngvi tir nam 2008 d8n nay, Microsoftciingda:

1

timg phai cung c~p tren 600 hu6ng dfut,ban va khac OOaude kh~c ph\lc cac l6ian t08.nthong tin cho Windows XP.

Tir thvc tS do, sau thai diem tren kha nang tiSp 1\lcphat hi~n ra cac diemySu an t08.nthong tin mai cua Windows XP la khong the .lo~i trir va di8u do thet~o ra cac 16h6ng an t08.nthong tin cho phep tin ~c cin cong gay h~i, an c~pho~c lam hu hong dii' li~u, lay OOi~mphfut m8m ma dQ~ho~c th~ chi cu6pquy8n di8u khiSn may tiOOtrai phep. Va Microsoft cilng da canh bao, cac phfutm8m anti-virus thong thuang khong du kh a nang de b ~o dam an t08.n khiWindows XP bQc lQdiem ySu. ,

Nhu v~y nguai sir d\lllg Windows XP dUngtmac hai S\!,lVachQn:

a) Nang c~p h~ di8u hanh: thay thS Windows XP bfutg cac h~ di8u hanhmai duQ'ch6 trQ't6t han (cua hang Microsoft ho~c cac hang khac ke ca h~ di8uhanh ngu6n ma da duQ'cBQ Thong tin va Truy8n thong khuySn cao). Bay laphuang an cO'ban trong dai h~ OOungdoi hoi phai bao dam cac di8u ki~n: chiphi dAutu de mua s~m va cai d~t h~ di8u hanh, phfut m8m h~ th6ng, cac Ungd\lllg, thiSt bi phfutcUngcho tuang thich; dao t~o va hu6ng dfutsir d\lllg cho moitmang mai, thai gian de thvc hi~n chuyen d6i moi truang.

b) TiSp1\lcsir d\lng Windows XP: phuang an nay co the ap d\lllg trong mQtthai gian hQ'Ply (my theo m\lc dich, hi~u qua sir d\lng) khi chua co du cac di8u

ki~n thvc hi~n phuang an tren. Nguai sir d\lllg phai tang cuang ap d\lng cac bi~!lphap bao dam an t08.nthong tin va phong ch6ng rlii roo1910ngkhuySn cao sird\lllgObi~n phap nay trong cac tmang hQ'Pco yeu cAubao m~t an t08.nthong tincao.

2. MQt sA bi~n phap kY thu~t cAn chu y

Tmac tiOOhiOOthvc tS OOutren, Trung tam VNCERT khuySn cao ca~ t6

chilc, ca OOanmQt s6 bi~n phap ky thu~t cfut luu y de bao dam an t08.n thong tin

khi nang c~p h~ di8u hanh ho~c tiSp 1\lc su d\lllg cac may tiOOvai Windows XP.

2.1 Rao dam an toan khi nang cAp h~ di~u hanh

Khi co quan, t6 chilc tiSn hanh nang c~p ho~c cai d~t mai h~ di8u hanh de

thay thS Windows XP cfut chu y cac bi~n phap kYthu~t sau:

Buac 1: Kiem tra ky cac di8u ki~n truac khi nang c~p

- Kiem tra va bao dam tioo tuang thich cua cac phfut m8m h~ th6ng va cac

Ung d\lllg d6i vai h~ di8u haOOdv kiSn se nang c~p.

2

- KiSm tra, bao dam tinh tUO'llgthich va yeu cAutBi thiSu cua thiSt bi phAncUngdBivai h~ diSu hanh dv kiSn se nang c~p.

Tham khao cac thong. tin yeu cAutBi thiSu vS phAn cUng cua phien banWindows 7, Windows 8 t~i dia chi Internet:

http://windows.microsoft.com/vi-vn/windows7 /products/system-requirementsva http://windows.microsoft.com/vi-vn/windows-8/system-requirements.

Tham khao yeu cAu phAn cUng dBi vai cac phien ban h~ diSu hanh mangu6n ma Linux nhu Ubuntu va Fedora t~i dia chi Internet: .https://help.ubuntu.com/ community/Instalration/SystemR~quirements va

http://docs.fedoraproject.org/en-TJS/Fedora/13/htmINirtualization _Gui4e/chap-Virtualization-System_requirements.html.

Buac 2: Thvc hi~n sao luu dVphong truac khi nang c~p (dS bao dam khanang khoi ph\lc khi nang c~p th~t b~i)

- Luu l~i cac thong tin lien quan dSn ban quySn, gi~y phep sir d\lllg cua h~diSuhanh va cac Ungd\lllg khac.

"- Sao luu dv phong bQ cai d~t h~ diSu hanh, cac ban va, aac ph~ mSmdang sir d\lllg dS sir d\lng khi cAnthiSt.

- Sao luu 6 cUng truac khi cai d~t, dil li~u nay se duQ'csir d\lng dS bao damkha nang khoi ph\lc l~i khi co sv cBxay ra.

Buac 3: Thvc cai d~t h~ diSuhanh mai va cac phAnmSm Ungd\lng

- Thvc hi~n nang c~p ho~c cai d~t mai h~ diSu hanh theo dUnghuang dfu1cua nha san xu~t.

- Cai d~t cac phAn mSm h~ thBng va Ung d\lllg (tUO'llgtmch) cAnthiSt.

- Khoi ph\lc l~i h~ thBng thong qua cac dil li~u 'da duQ'~sao luu a ,fmac 2

khi vi~c nang c~p th~t b~i.

Buac 4: Thvc hi~n cac bi~n phap bao dam an toan thong tin cho moi truemgmai

Ap d\lllg cac bi~n phap va thiSt l~p cac chinh sach bao v~ an toan thongtin cho h~ thBng mai duQ'ccai d~t.

- T~o l~p cac ban sao dil li~u, h~ thBngdS h6 trQ'vi~c ph\lc h6i h~ thBng.

2.2 Bao dam an toan khi ti~p tt}cStfdt}ng Windows XP

Khi chua co diSu ki~n nang c~p ho~c cai d~t h~ diSu hanh mai thay thSWindows XP, cac t6 chuc, ca nhan cAnchu y thvc hi~n cac bi~n phap sau:

3

:

a. Th\lc hi~n sao lUll d\l phong OOubu6c 2 m\lc 2.1.

b. ThiSt l~p chS dQ bflo dam an toan thong tin cho h~ th6ng may tiOO

Windows XP trong qua trinh su d\lllg v~ hanh:

- Su d\lllg tuang lua dugc tich hgp s§n tren h~ diSu hanh, kSt hgp v6i tuang

lua cua h~ th6ng m~g dB quan ly truy c~p tir cac may tiOOkhac too may tiOOcua

mlOOva ngugc l~i. Vi~c thiSt l~p tuang lua phfli bflo dam yeu cdu chi cho phep

cac dich V\l dugc phep su d\lllg ma c6ng ra ben ngoai, dong to~ bQ cac c6ngdich V\lkhong cdn thiSt.

, , ,

- Ga bi>ho~c tat cac dich V\lkhong dUng den ho~c it dUng, trong do d~cbi~t chu ycac dich V\lcho phep kSt-n6i ben ngoai: Netmeeting Remote Desktop

Sharing, Remote Desktop, Remote Registry, Routing & Remote Access, SSDPDiscovery Service, Universal Plug and Play Device Host, Telnet V.v...

- Trong truang hgp b~t bUQc phfli kSt n6i qufln tri tir xa, khong kSt n6i tr1!c

tiSp too cac dich V\lcho phep quan tq h~ diSu hanh tir xa OOudich V\lRemoteDesktop. Trong truang hgp nguffi su d\lllg cdn phfli quan tq may tinh tir xa thi

cdn su d\lllg kSt n6i gian tiSp su d\lllg giao thuc hB trg ma hoa, bflo m,~tOOuVPN, SSH v.v...

c. Tham khflo ap d\lng gifli phap bflo dam an toan thong tin cho WindowsXP "VKT Total Security" cua cong ty Vi~t KiSn T~o.

Gifli phap cua cong ty Vi~t KiSn T~o cho phep bflo v~ may tiOOsu d\ll1g

Windows XP khi>iaM huang cua ma dQcva cac Sl!c6 khac d~ dSnmfttan toanthong tin, gifliphap nay cung cftpco ba nhom tiOOnang chiOOsau:

- VKT Internet Security (VIS): Ch6ng ma dQc xam OO~pqua duanginternet.

- VKT Smart Recovery (VSR): Ph\lc hBi h~ thBng thong mffih.

- VKT User Security (VUS): Bflo v~ toan v€;nmQt tai khoan nguai dUng.

MQt s6 tiOOnang cua gifli phap tren da dugc Trung tam VNCERT kiBm tra,

danh gia cho thfty ho~t dQng 6n diOO,phil hgp dB nang cao tiOOnang an toan cho

may tiOOsu d\lllg Windows XP. Tham khflo thong tin chi tiSt ~i dia chi Internet:

http://vkt.com. vn/

d. SU d\lllg cac triOO duy~t web OOu Firefox, Mozillar, Chrome ho~c

Internet Explorer phien ban m6i (con dugc Microsoft hB trg) dB thay thS cho

triOOduy~t Internet Explorer di kern theo Windows XP.

4

e. SUd\ll1gcac trng d\ll1gkhac (con duQ'cnha san xu~t h6 trQ')thay th8 cho

phfut mSm duy~t thu di~n ill Outlook Express di kern theo h~ diSu hanhWindows XP. Vi d\l nhu: Thunder Bird, Office Outlook v.v...

g. Khong tai (download) va cai d~t cac ban va ma khong ro ngu6n gBc,kiSm tra tinh toan Vyncac ban va truac khi su d\ll1g.

2.3 M{)tsachu y vSeach Stf dl}ng an toitD h~ di~u hanh

a. Thi8t l~p chinh sach d~t m~t khAuan toan cho cac tai khoan co trong h~

thBng, co thS tham khao huang dftn "Huang dftn d~t va su d\ll1gm~t khAu antoan" cua Trung tam VNCERT t~i dia chi'Intemet:

http://www.vncert.vn/tainguyen/Muong_dan_su_dung_mat_khau_an_toan.pdf

b. Thi8t l~p tai khoan ngmJi dUngvm quySn th~p nh~t, chi vira du dS ph\lcV\l cong vi~c theo dung chuc nang, nhi~m V\l duQ'cgiao. Quan ly va d~t m~tkhAuan toan cho cac tai khoan m~c dinh Administrator va Guest. Co thS vo hi~u

hoa tai khoan Guest khi khong su d\lng.

c. Khong su d\ll1gtfli khoan co quySn quan tq (Administrator) khi khong

cfut thi8t dS giflm kha nang lay nhiSm ma dQcvao h~ thang. Chi su d\l11gquySnquan tri khi cai d~t, gO-b6, c~u hinh thay d6i thong tin vS h~ thBng v.v. . .

d. B~t chuc nang ghi nh~t kYho~t dQngdS theo doi va giam sat ho~t dQngsau: Account logon events, Account management, Logon events, Object access,Policy change, Privilege use, System events.

e. V0 hi~u hoa chuc nang chia se tfli nguyen m~~ dinh cho mQt sB phan

vUng va dich V\l bao g6m: C$ D$ E$, ADMIN$, FAX$, IPC$, NetLogon,PRINT$.

g. T~t b6 cac tinh nang tg dQngch~y trng d\ll1gkhi k8t nBi vai thi8t bi luu

tm ngoai (vi d\l the nha ngoai giao ti8p qua c6ng USB) dS giain nguy ca lay Ian

ma dQcthong qua vi~c saDchep thong tin. Trong truCmghQ'Pcfutthi8t nguai sud\ll1gco trinh dQky thu~t co thS ~o phan vUng (partition) rieng dS ghi, luu dfr

li~u nhung cb ch~y cac t~p tin th\lc thi tren phan vUng nay, bi~n phap nay secho phep ngan can th\lc thi cac t~p tin co chua ma dQc.

h. Cai d~t va dinh kY c~p nh~t dfr li~u cho phfut mSm Antivirus va thUCmg

xuyen su d\ll1gphfut mSm nay dS kiSm tra va phat hi~n ma dQC.

i. SU d\lng cong C\l "Tcpview.exe" dS kiSm tra va phat hi~n cac k8t nBim~ng b~t thuCmgill may tinh cua minh ra cac dia chi l~ ben ngoai m~g va su

d\lng cong C\l"procexp.exe" dS kiSmtra cac ti8n trinh l~ sinh ra trong khi may

5

tinh khai dQng ho~c khong sir d\ll1g. Hai cong C\l nay dugc tich hgp trong bQ

cong C\l"Sysinternals Suite" do hang Microsoft cung c~p t~i dja chi Internet:

http://technet.microsoft.com/ en-us/sysintemals/bb842062.aspx. '

k. T~t may tiOO,dang xu~t kh6i h~ th6ng ho~c khoa man hinh (co m~tkhAu)khi khong sir d\ll1g.

1.Tham khao them cac bi~n phap bao m~t do hang Microsoft huang dfutt~idja chi Internet ..http://www.microsoft.com/vietnam/support/...

,

>.