(1) Major network security threats
The reliable operation of the network system is based on the communication subnet, computer hardware and operating system and various application software and other aspects, all levels of good operation. As a result, its risk will come from threats to the various key points of the enterprise that may result in the failure of the overall functionality. Because in the distributed computing environment of WAN, the security problem becomes more and more complex and prominent compared with the past LAN, host environment and stand-alone environment, so the risk analysis of network security becomes the basis of making effective security management strategy and selecting the implementation measures of the safe technology. Security cannot be based solely on ideological education or trust, it should be based on the principle of "least privilege" and "mutual supervision" to reduce the scope of the confidential information. Try to eliminate the problem that users have to trust or be trusted to use resources. Establish a complete security control system and certification system.
Through the above analysis of the network structure is not difficult to see, the current network of large-scale, complex structure, the network running a variety of hosts and applications, the use of a variety of network equipment, at the same time, due to a variety of business needs, and many other networks to connect. Therefore, we believe that the security of the computer network should be considered in the following aspects:
First tier, external network connectivity and data access, including:
A connection to a mobile user who travels outside.
The public services that the managed Server Web site provides externally.
An Office automation network uses ADSL to connect to the Internet.
The second layer, the internal network connection, including through the DDN line connected to the hosting server Web site and office automation network.
The third layer, the connection between different departments in the same network segment. This mainly refers to the same network segment, that is, connected to the same hub or switch on the different departments of the host and workstation security issues.
The external network attack threat mainly comes from the first layer, the internal network security problem is concentrated on the second to third level ' below we will discuss the security of the external network and the security of the internal network.
(2) Security threats from external networks and internal networks
Security threats from the external network
Due to the needs of the business, the network is connected to the external network, which focuses on the first layer of the security threat, including: the connection between the internal network and these external networks is direct, the external network can directly access the host of the internal network, and the internal system is vulnerable to attack due to the absence of internal and external isolation measures.
Connections to mobile users who are traveling
Because of business needs, the company's employees often need to travel, and the mobile user using a local ISP dial-up Internet connection to the Internet, access to the internal network, then illegal internet users can also use a variety of means to visit the internal network. This connection makes an enterprise's internal network vulnerable to attacks from the Internet. In the event of an attack, the first to be destroyed will be the mainframe of the Office automation network, in addition, by using the DDN line connecting the managed Server Web site with the Office automation network, the attacker can continue to attack the managed Server Site section. The means of attack and the hazards that may be caused are manifold, such as:
Modify the Site page, and even use the server to attack other units of the site, resulting in damage to corporate reputation.
Release the virus, occupy the system resources, causes the host cannot complete the corresponding work, causes the system and even the entire network paralysis.
Release the Trojan Horse, gain control of the system, and attack the entire enterprise internal network.
Theft of corporate information, to seek ill-gotten gains, and this kind of attack enterprises are difficult to find.
For all of these attacks we can use anti-virus, firewalls and anti-hacker technology to prevent.
Managed Server Web site public services provided externally
Due to the needs of the company, the corporate network provides external public services.
In this case, it is necessary to rely on comprehensive preventive measures to effectively protect against hacker attacks.
The destruction of the main way is: Modify the Site page, and even use the server to attack other units of the site, resulting in damage to corporate reputation.
Office automation network using ADSL and Internet connection, internal users use ADSL dial-up server as a gateway to connect to the Internet. In this case, the traditional network security system can not solve the network security problems, must rely on comprehensive means of prevention to effectively protect against hacker attacks.
To sum up, the main way to destroy the external network is:
Malicious attacks and theft of information by illegal users of external networks.
Viruses and e-mail messages that are transmitted over the network.
The internal network lacks the effective means to monitor the system and evaluate the security of the network system and operating system.
Many operating systems currently prevalent have network security vulnerabilities, such as UNIX servers, NT servers and win-dows, desktop PCs.
A malicious java/activex control that may exist for web browsing from the Internet.
② security threats from the internal network
From the above network diagram can be seen, the entire enterprise computer network has a certain scale, divided into multiple levels, the network nodes numerous. Network application is complex, network management is difficult. These issues are mainly reflected in the second and third dimensions of security threats, including:
The actual structure of the network is beyond control.
Network management personnel can not timely understand the operation of the Internet.
There is no way to understand network vulnerabilities and possible attacks.
There is a lack of effective means of tracing for attacks that have been or are occurring.
The security of the internal network involves many factors, such as technology, application and management, only to find the problem in time and determine the source of the network security threat, can we formulate a comprehensive security strategy and guarantee the network security effectively.
Author: Gu Hongtao Internet and search engine IT technology website optimization online Henan SEO Marketing blog sharing learning, copyright learning Address: http://www.guhongtao.com/