Network Server Security Maintenance Skills

 

 

First, we can analyze the malicious network behavior of network servers in two aspects: first, malicious attack behaviors, such as denial-of-service attacks and network viruses, these behaviors are intended to consume server resources, affect the normal operation of the server, and even paralyze the network where the server is located. The other is malicious intrusion, which can even cause the leakage of sensitive information on the server, intruders can do whatever they want and destroy the server. Therefore, to ensure the security of network servers, we should minimize the impact of these two actions on network servers.

I am here to talk about my personal opinions on maintaining the security of Windows network servers.

How to avoid malicious attacks on network servers

(1) Build your hardware security defense system

Select a set of security system models. A complete set of security models should include the following necessary components: Firewall, intrusion detection system, and routing system.

The firewall plays a security role in the security system, which can largely ensure illegal access from the network and data traffic attacks, such as denial of service attacks; the intrusion detection system acts as a monitor that monitors the entrances and exits of your servers and intelligently filters out intrusions and attacks.

(2) Select an English Operating System

You must know that Windows is something of Microsoft in the United States after all, while Microsoft is always known for its many bugs and patches. The Chinese version has far more bugs than the English version, the Chinese version of the patch has always been later than the English version. That is to say, if your server is installed with a Chinese version of Windows, after Microsoft vulnerabilities are published, you still need to wait for a while before completing the patch, hackers and viruses may have intruded into your system over this period of time.

How to prevent network servers from being infiltrated by hackers:

First, as a hacker fan, I would like to say that there is no absolutely secure system in the world. We can only try to avoid intrusion and minimize casualties.

(1) using the NTFS file system format

As we all know, the common file system we use is fat or FAT32, NTFS is a series of operating systems supported by Microsoft Windows NT kernel. It is a disk format specially designed for the management security features such as network and disk quotas and file encryption. In the NTFS file system, you can set independent access permissions for any disk partition. Store your own sensitive information and service information in different disk partitions. In this way, even if hackers obtain access permissions for the partition of the disk where your service file is located in some ways, they also need to find ways to break through the system's security settings to further access sensitive information stored on other disks.

(2) back up the system

As it is often said, although no one wants the system to be suddenly damaged, but not afraid of 10 thousand, they are afraid to back up the server system in case of damage and timely recovery.

(3) disable unnecessary services and only open the opened port

Disable unnecessary services and perform local management and group management. In Windows, many default services are unnecessary or even dangerous, such as the default Remote Registry Service ), many sensitive information of the system is written in the registry, such as the pcAnywhere encrypted password.

Disable unnecessary ports. Some seemingly unnecessary ports can indeed disclose many sensitive information about the operating system to hackers. For example, if the IIS service enabled by Windows 2000 Server by default, it will tell the other party that your operating system is Windows 2000. Port 69 tells the hacker that your operating system is likely to be a Linux or UNIX system, because port 69 is the default port used by the TFTP service in these operating systems. Further access to the port can also return some information about the software and its version on the server, which provides great help for hacker intrusion. In addition, opened ports are more likely to become the portals for hackers to access the server.

In short, filtering TCP/IP ports helps not only prevent hacker intrusion, but also prevent viruses.

(4) software firewalls and anti-virus software

Although we already have a hardware defense system, it is not a bad thing to have more "guard.

(5) Enable your Event Log

Although enabling Log service does not directly prevent hacker intrusion, we can analyze what intruders have done on our system by recording the hacker's whereabouts, what damage and hidden risks have been caused to our system, what backdoor does hackers leave on our system, and what security vulnerabilities exist on our servers. If you are a master, you can also set up a secret tank to wait for a hacker to intrude into the system and catch him right when he intrude into the system.