How to prevent network sniffing and port scanning

1. Using security Tools

There are many tools that allow us to discover vulnerabilities in the system, such as Satan. Satan is a network of analysis of management, testing and reporting a lot of information, identify some of the network-related security issues.

The Satan provides an explanation of the problem and the extent to which it may have an impact on system and network security, and also explains how to deal with these problems by using the information attached to the tool.

Of course there are a lot of security tools like this. This includes scanning TCP ports or listening to all TCP ports on multiple hosts, analyzing network protocols, monitoring and controlling multiple network segments, using these security tools correctly, and discovering system vulnerabilities in time to prevent them.

and for the WindowsNT system platform, you can periodically check the Seclog records in EventLog to see if there are any suspicious situations that prevent network sniffing and port scanning.

2. Install a firewall

Firewall-type security technology is based on a protected network with well-defined boundaries and services, and network security threats only from outside the network. Through monitoring, restrictions and changes across the "firewall" of the data flow, as far as possible to the external network shielding information about the protected network, the structure, to achieve the security of the network, so more suitable for relatively independent, and external network interconnection channels Limited and network services a relatively single, centralized network system, such as the Internet. The "firewall" type system does not have the precaution function to the security threat from the internal network system in the technical principle, to the network security function enhancement often takes the network service the flexible line, the diversity and the openness, and needs the big network management expense.

Firewall-type network security system implementation is relatively simple, is currently widely used in network security technology, but its basic characteristics and operating costs limit its open large-scale network system application potential. Because the firewall type network security system only has the security safeguard function on the network boundary, the actual effect scope is quite limited, therefore "the firewall" type security technology is often specially designed and implemented for the specific need.

for individual users, it is a very practical and effective way to install a good personal firewall. Now many companies have developed personal firewalls, which often have an intelligent defense core, attacks, and automatic defense to protect the internal network security.

such as the Blue Shield Firewall system introduces an automatic reverse scanning mechanism in the kernel design, when hackers use scanners to scan firewalls or firewalls to protect the server, will not scan any port, so that hackers can not do; the same feed also has real-time alarm function, the system against the attack equipped with a complete record function, Record in a short record, detailed record, warning, record statistics (including traffic, connection, and so on, and so on, when the system occurs warning, you can also send the warning message to the pager and mobile phone, so that the system administrator and be notified.

3. Encryption of the information transmitted on the network can effectively prevent attacks such as web monitoring

There are many software packages available to encrypt the connection so that intruders can not decrypt the data even if they capture the data, but they will not be able to decipher it and lose the sense of eavesdropping.

Finally, some recommendations to the system and network administrators:

(1) in time to install a variety of firewalls;

(2) focus on some of the most powerful security sites in the country to get the latest information on network system vulnerabilities.