Original: Chapter 1 securing Your Server and Network (10): Use extended protection to avoid authorizing relay attacksSource: http://blog.csdn.net/dba_huangzj/article/details/38368737, Special catalogue:http://blog.csdn.net/dba_huangzj/ article/details/37906349No person shall, without the consent of the author, be published in the form of "original" or used for commercial purposes, and I am not responsible f
With the prevalence of open-source Linux, its applications in large and medium-sized enterprises are gradually becoming more popular. Many enterprise application services are built on it, such as Web services, database services, and cluster services. Therefore, the security of Linux has become a foundation for enterprises to build secure applications and a top priority. How to protect it is a fundamental problem that enterprises need to solve. Based on this, this article provides the key points
With the prevalence of open-source Linux, its applications in large and medium-sized enterprises are gradually becoming more popular. Many enterprise application services are built on it, such as Web services, database services, and cluster services. Therefore, the security of Linux has become a foundation for enterprises to build secure applications and a top priority. How to protect it is a fundamental problem that enterprises need to solve. Based on this, this article provides the key points
can use it to obtain the root permission and then control the entire system.
3. obtain the latest Apache
Using the most secure version is crucial to enhancing the security of Apache Web servers.
You can get the latest Apache version from the official Apache website http://www.apache.org.
Protection of configuration files
The Apache Web server has three major configuration files, which are generally located
://www.apache.org.
Protection of configuration files
The Apache Web server has three main configuration files, which are typically located in the/usr/local/apache/conf directory. These three documents are: Httpd.con, srm.conf and access.conf. These files are the control center of the entire Apache, so you need to know about three profiles. The httpd.conf file is the primary configuration file; srm.conf al
As a network engineer, ensuring the security of enterprise servers and normal operation is the primary issue in network management. So how can we effectively protect the security of servers? Based on my work experience over the past decade, I have established a protection system from the following seven points. Entry Point 1: Establish a strong network security system To isolate an enterprise's servers and "Protect" them one by one, as the core comp
Server security protection measures
Today, we will explain some specific measures for server security protection through multiple backups. Let's take a look at them carefully.
1. Start with the foundation and provide basic protection.
First, convert all the disk partitio
As a network engineer, ensuring the security of enterprise servers and normal operation is the primary issue in network management. So how can we effectively protect the security of servers? Based on my work experience over the past decade, I have established a protection system from the following seven points.
Entry Point 1: Establish a strong network security system
To isolate an enterprise's servers and "Protect" them one by one, as the core compon
With the popularity of Linux in Open source system, its application in large and medium-sized enterprises is becoming more and more popular, many enterprise application services are built on it, such as Web services, database services, cluster services and so on. Therefore, the security of Linux has become an enterprise to build a security application of a foundation, is the most important, how to protect its security is an enterprise needs to solve a fundamental problem, based on this, this art
redirection, IP routing, and other technologies. In 2009, Microsoft released its security report (Advisory 973811), which provided two mechanisms: service binding and channel binding. Service-binding requires the client to provide the signed SPN into the authorization information. If an attacker attempts to use a certificate obtained from linked information or does not provide a signed SPN, it will not be able to connect to SQL Server, which has litt
As a network engineer, ensuring the security of enterprise servers and normal operation is the primary issue in network management. So how can we effectively protect the security of servers? Based on my work experience over the past decade, I have established a protection system from the following three points:
Entry Point 1: Establish a strong network security system
To isolate an enterprise's servers and "Protect" them one by one, as the core compon
As a network engineer, ensuring the security of enterprise servers and normal operation is the primary issue in network management. So how can we effectively protect the security of servers? Based on my work experience over the past decade, I have established a protection system from the following three points:
Entry Point 1: Establish a strong network security system
To isolate an enterprise's servers and "Protect" them one by one, as the core compon
Microsoft Azure Backup implements file-and folder-based backup and recovery, and Microsoft Azure recently provides backup and recovery of application workloads for enterprise on-premises environments, such as Microsoft SQL server,hyper-v virtual machines , SharePoint Server,microsoft support for the long-term retention of disk-to-disk backup of the local copy (D2D) and disk-to-disk-to-Cloud (D2D2C) Backup o
Specific measures for server security protection:
1. Start with the foundation and provide basic protection.
First, convert all the disk partitions on the server that contain sensitive data to the NTFS format. Second, whether it is Windows or Linux, any operating system has vulnerabilities, and patch the vulnerabilitie
physically accessed by attackers. One is to set a password for the bios, and the other is to configure the password protection (Password = xxx) System Startup Process in the/etc/Lilo. conf file. However, remember that once the system is completely physically exposed by intruders, there is no way to ensure the absolute security of the system.
6. ipchains
Discussing Linux security is not possible without discussing ipchains. Ipchains is the package fil
and use formulas to standardize scripts, which will be of great help to our future work.
In this section, we compile a simple iptables syntax rule for mail host protection. The network topology is very simple. the IP address of the iptables machine is 192.168.1.101/24, and the IP address of the other machine is 192.168.1.102.
Common email host protection script
The normal mail host
servers "!
Temporary protection DHCP
As we all know, the common workstation system sends the request information of the Internet parameters to the LAN network through broadcasting. All network devices in the LAN will receive requests from the common workstation, this naturally includes valid DHCP servers and invalid DHCP servers. However, whether the DHCP server is a valid DHCP
tips are also useful for IIS administrators who have a strong budget.
First, develop a set of security policies
The first step in securing your Web server is to ensure that your network administrator is aware of every system in your security policy. If the company's executives do not regard the security of the server as an asset that must be protected, then the protect
details: http://cn.raksmart.com/ 4. Hostease Standalone ServerThe He server has 10M of public bandwidth, cpanel and Plesk Control Panel, ids/ips network Protection system, CSF firewall, 24/7/365 email Instant Chat phone support.Hostease Independent host computer room located in California and the United States in Seattle two regions, this year launched the Los Angeles high-speed host is also very fast,
using thousands of machine-controlled IP addresses. How to configure Fail2ban to protect the Apache serverThe Apache servers in the production environment may be subject to different attacks. An attacker might attempt to gain unauthorized or inaccessible directories by brute force attack or by executing a malicious script. Some malicious reptiles may scan your site for various vulnerabilities or send spam by collecting email addresses and Web forms. The Apache
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.