Common security management vulnerabilities for application servers

Source: Internet
Author: User
Tags: log

The adoption of information technology in enterprises is irreversible. As file servers, ERP management software and similar systems have taken root in companies, application servers have gradually become common. Where an enterprise once considered a single application server a big deal, having two or three today is nothing unusual.

However, while the number of enterprise application servers has grown, the security management of those servers has not kept pace. Walk into almost any company and you will find some obvious security management weaknesses. Below I list a few typical ones as a starting point, to remind everyone to pay attention to server management security.

One: any host can telnet to the server.

Servers are usually kept in a dedicated room, so routine maintenance tasks such as checking the server's free disk space would require walking to the server itself, which is clearly inconvenient. We would rather do routine maintenance from the computer we use every day instead of going to the room where the server is kept.

As a result, most of our server maintenance is done by telnetting to the server and working from its command line. This undoubtedly gives us a convenient management channel, but it also brings hidden risks to the server.

Once an attacker obtains the telnet username and password by some means, he can access the server unhindered from any host in the enterprise. A disgruntled employee in particular then finds it easy to vent his dissatisfaction with the company. I had a friend who was once the CIO of a software company. An employee obtained the telnet username and password of the file server without the administrator noticing. Later, the company was reprimanded over the handling of confidential customer information. The employee, holding a grudge, used the stolen username and password to log on to the file server and delete a large number of files. Fortunately, the file server had a fairly complete backup system, so a major loss was avoided.

So while telnet gives us a convenient means of server management, its security risks cannot be ignored. In general, the following points deserve attention when using telnet.

First, it is best if the telnet username and password are not the same as the server administrator's login credentials. In other words, the account used to log on at the server console should not double as the account used for remote telnet access. That way, if the telnet username and password are disclosed, the harm to the server is kept to a minimum.

Second, it is best to limit which hosts may telnet to the server. On the server we can allow only the network administrator's host to telnet in remotely, and this is fairly simple to achieve. On a Microsoft server system it can be done with the built-in security policy tool; alternatively, a firewall can restrict telnet access to the server by IP address or MAC address. Then, even if the username or password is compromised, other people still cannot log on to the server because of the IP or MAC address restriction. This goes a long way toward ensuring that only authorised staff can telnet to the server for day-to-day maintenance.

Third, if you do not normally manage the server over telnet, shut the telnet service down. There is no need to leave a back door open for attackers.
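To make the second and third points concrete, here is an added example (not code from the original article) that models the two controls on a Linux host: a first-match firewall rule list restricting TCP port 23 to the administrator's workstation, and a check of `ss -ltn` style output to confirm whether a telnet listener exists at all. The host names, addresses and command output are constructed for the demonstration; the `Rule` type and helper functions are this example's own, and the `iptables` commands it renders use the standard `-A INPUT -p tcp --dport/-s/-j` options.

```python
"""Audit helper: which hosts could open a telnet session to this server?

Added example, not part of the original article. All addresses, host names
and the sample `ss -ltn` output below are constructed for the demonstration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional

TELNET_PORT = 23


@dataclass
class Rule:
    action: str            # "ACCEPT" or "DROP"
    dport: Optional[int]   # None matches any destination port
    src: Optional[str]     # CIDR or single address; None matches any source


def first_match(rules: List[Rule], src_ip: str, dport: int,
                default: str = "ACCEPT") -> str:
    """Decide a packet the way an iptables INPUT chain does: first matching
    rule wins; with no match the chain's policy (here ACCEPT) applies."""
    src = ip_address(src_ip)
    for r in rules:
        if r.dport is not None and r.dport != dport:
            continue
        if r.src is not None and src not in ip_network(r.src, strict=False):
            continue
        return r.action
    return default


def telnet_listening(ss_output: str) -> bool:
    """True if a TCP listener bound on port 23 appears in `ss -ltn` output."""
    for line in ss_output.splitlines()[1:]:        # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[0] != "LISTEN":
            continue
        port = cols[3].rsplit(":", 1)[-1]          # "0.0.0.0:23" -> "23"
        if port == str(TELNET_PORT):
            return True
    return False


def audit(rules: List[Rule], ss_output: str, hosts: Dict[str, str]) -> List[str]:
    """Names of hosts that could reach the telnet service (empty if the
    service is not listening, which is the third point in the article)."""
    if not telnet_listening(ss_output):
        return []
    return [name for name, ip in hosts.items()
            if first_match(rules, ip, TELNET_PORT) == "ACCEPT"]


def iptables_commands(rules: List[Rule]) -> List[str]:
    """Render the rule list as the equivalent iptables INPUT chain commands."""
    out = []
    for r in rules:
        cmd = "iptables -A INPUT -p tcp"
        if r.dport is not None:
            cmd += f" --dport {r.dport}"
        if r.src is not None:
            cmd += f" -s {r.src}"
        out.append(cmd + f" -j {r.action}")
    return out


# Constructed sample data ---------------------------------------------------
SS_OPEN = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:23         0.0.0.0:*
"""
SS_CLOSED = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
"""
HOSTS = {"admin-workstation": "10.0.0.5",
         "finance-pc": "10.0.1.20",
         "guest-wifi": "10.0.9.77"}
UNRESTRICTED: List[Rule] = []                       # the weak setting
RESTRICTED = [Rule("ACCEPT", TELNET_PORT, "10.0.0.5/32"),
              Rule("DROP", TELNET_PORT, None)]      # admin host only

if __name__ == "__main__":
    print("no restriction:", audit(UNRESTRICTED, SS_OPEN, HOSTS))
    print("admin host only:", audit(RESTRICTED, SS_OPEN, HOSTS))
    print("service stopped:", audit(RESTRICTED, SS_CLOSED, HOSTS))
    print("\n".join(iptables_commands(RESTRICTED)))
```

With no rules every host reaches port 23, so a leaked password is usable from anywhere on the network; with the two-rule allow list only the administrator's workstation does, and once the service is stopped the audit reports nobody, regardless of who holds the credentials. The same first-match logic applies to a Windows IPsec or firewall policy, which is the "security policy tool" route the article mentions for Microsoft servers.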
