Home > Industries > Computer

Computer security Management (note)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

I. DDoS attack targets:

1. Program Vulnerability (overflow) sensitive information disclosure, application bug

2. Use a weak password.

3. Database (column directory, differential backup, log backup, stored procedure)

4. System permissions configuration (run, upload, write)

5.IIS settings (script execution permissions)

6.FTP settings

7.ARP

    1. Limit the number of consecutive password errors.

    2. Split administrator privileges to cancel the hyper-pipe.

    3. Remove the service ports that you do not need.

    4. To close a service port that is not needed

    5. Restrict permissions for remote logins.

    6. View the server Event Viewer frequently.


  2. The system disk and site settings must be formatted in NTFS for easy setting of permissions.

  4. For the system disk and the site placement disk, the Aministrators and system user rights are cleared.

  6. Enable Windows to bring your own firewall, leaving only the service ports that you need.

  8. Rename administrator, create admin account, as a trap account, set an extra long password, not belong to any group, and disable the guest user.

  10. Gpedit.msc account Policy, three login invalid, lockout time 30 minutes, reset lock count is set to 30 minutes.

  12. Security Policy: Anonymous access to the share, anonymous access to the named channel, remote access to the registry path;

    The remote Access registry path and Subpath are empty.

  14. Deny login via Terminal Services.

    Account: ASPNET guest iuser_*** iwam_***, NETWORK Sqldebgger

  16. Audit Policies: Account management, account login events, login events, system events, policy changes (success, failure)

    Directory service access, object access, privileged use (failed)

  18. Windows Redgistry v5.00 turn off the default share to prevent a null password or weak password intrusion

    Hkey_local_machine\system\current Contorl Set\services\lanmanserver\parameters

    autoshareserver=dword:000000000

    autosharewks=dw:00000000

  20. Web server

    Build Web user password, belong to Guset Group

    IIS is placed on other disk directories for Web user access, network authentication.

    Execute Permissions: Pure script

  22. To modify the log directory method:

    Regedit:hkey_local_machine/system/current Control Set/services/evertlog

    File D:\cee----d:ceeappevent.evt

Computer security Management (note)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
samsung galaxy note 3 security computer inventory management software computer asset management software itil security management ppt security session management stanford computer security certificate computer security products
Related Article
Lenovo computer Update BIOS reboot prompts "Secure Flash auth...
Computer storage unit Byte, KB, MB, GB, TB, PB, EB, ZB, YB, D...
Clear trojans on your computer
Computer Information Processing
Number representation in the computer
It takes 3 minutes to shut down useless services on your comp...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More