Analysis of network security and prevention technologies

Keywords: Network Security virus Firewall

1. Several aspects that affect network security

1.1 connotation of computer viruses

Computer Virus: A group of computer commands or program code compiled or inserted in a computer program that destroys computer functions or data, affects computer usage, and is capable of self-copying.

Computer viruses are a small program, but they are different from other computer programs. It has the following features:

① Procedural nature of computer viruses: it is an executable program, but it is not a complete program, but parasitic on other executable programs; ② computer viruses are contagious: computer viruses spread from infected computers to uninfected computers through various channels. ③ Computer virus hiding: a well-developed computer virus program can be hidden in legal files for a long time after it enters the system. Infection of other systems; ④ computer viruses trigger: the characteristics of a virus that induces the virus to carry out an infection or attack due to an event;

1.2 network resource sharing factors

Resource Sharing is the main purpose of computer network applications, but it provides an opportunity for System Security attackers to use the shared resources for destruction. With the increasing demand for networking, external service requests cannot be completely isolated. Attackers can easily obtain network data packets by taking advantage of service requests.

1.3 Open Network Factors

Any user on the internet can easily access information resources on the Internet, so as to easily obtain sensitive information of an enterprise, organization, and individual.

2. network security defense methods

As a means of border security, firewall plays an important role in network security protection. It isolates internal networks from the Internet or from other external networks, and limits mutual access between networks to protect internal networks.

2.1 main functions of the firewall

① The firewall can scan its network communication to filter out attacks;

② The firewall can disable unused ports and disable output information of specific ports;

③ The firewall can prohibit access from special sites, so as to prevent all communications from unidentified intruders, filter out insecure services and control unauthorized users' access to the network:

④ The firewall can control access to special sites on the Internet by internal network personnel;

⑤ The firewall provides convenient endpoints for monitoring Internet security and warning.

2.2 Main advantages of Firewall

A firewall can be used as a blocking point for network communication. All inbound and outbound network information must pass through the firewall. The scope of the firewall's Risk is reduced from the entire internal network to one or more hosts that constitute the firewall system. Thus, a control center is formed in the structure, which greatly enhances network security and simplifies network management.

2.3 Main defects of the firewall

Because of the openness of the Internet, the firewall also has some weaknesses, so that it cannot completely protect the network from attacks. The main defects of the firewall are:

① The firewall is powerless to bypass its attack behavior;

② The firewall cannot prevent viruses and prevent transmission of software or files infected with viruses. Therefore, only anti-virus software can be installed for computer viruses mentioned above.

2.4 classification of firewalls

The implementation of a firewall can be divided into three levels: Packet Filtering Firewall, proxy firewall and compound firewall.

2.4.1 packet filtering Firewall

The packet filtering firewall is implemented at the IP layer and can be implemented only by routers. The biggest advantage of packet filtering vro is that it is transparent to users, that is, no user name or password is required for login. Packet filtering vro has obvious drawbacks. Because it usually does not have user usage records, we cannot find hacker attack records from access. It also has a fatal weakness, that is, it cannot filter at the user level, that is, it cannot identify users and prevent IP address theft. If an attacker sets his host as the IP address of a valid host, it is easy to filter the firewall through packets.

2.4.2 proxy firewall

The proxy firewall is also called the application layer gateway firewall. The packet filtering firewall can prohibit unauthorized access by IP address. However, it is not suitable for organizations to control internal staff access to external networks. For such enterprises, the application proxy firewall is a better choice.

A proxy service is an application configured on the Internet firewall gateway. It is a specific application or service that is allowed or rejected by a network administrator. Generally, it can be applied to a specific Internet service, such as Hypertext Transfer and remote file transfer. It can also be used to implement strong data flow monitoring, filtering, recording and reporting functions.

2.4.3 compound Firewall

Composite firewalls are used together with data packet filtering and proxy services. Thus, the network security, performance, and transparency are complementary.

In short, a firewall is a gateway device for network security. The principle of installing a firewall is: as long as there is a possibility of malicious intrusion, a firewall should be installed in both the Intranet and external network connections. The prevention and control of computer network insecurity cannot be effectively prevented by relying solely on technical means. Only by closely integrating technical means with management mechanisms, only by raising people's awareness of prevention can they fundamentally protect the secure operation of network systems.