Security O&M Philosophy

Source: Internet
Author: User

Dr. Li Yang's defense line was bought some time ago. After reading this line for a long time, he has benefited a lot and has been focusing on Enterprise Security.


1. Know yourself and know your enemy

Know the enemy and know yourself, and a hundred battles bring no danger. If you know yourself but not the enemy, you win one and lose one. If you know neither the enemy nor yourself, every battle is dangerous.

The risk is too high. Security O&M requires the wisdom of knowing both ourselves and the enemy in order to take the lead in the contest against threats in the security domain, and to keep the enterprise undefeated in its security O&M work.

For enterprise O&M, there is only one opponent: the hacker. Therefore, we need to understand the common attack methods and basic principles used by hackers in order to defend against intrusions.

Learn about enemies:

1. DoS attacks use software-implemented permissions, protocol vulnerabilities, and resource consumption

2. DDoS attacks


3. IP Spoofing


4. ARP Spoofing


Learn about yourself:

First, we understand the enemy, and then we will take appropriate measures.

Physical Layer Protection: Physical Isolation

System-layer protection: use a secure operating system, set complex operating system passwords, and use database security technology.

Network Layer Protection: Firewall

Gateway-level protection: UTM



2. Prepare everything in advance.

To accomplish anything, you must have clear goals, careful preparation, and careful arrangements. If you rush in blindly without preparation, you will be busy but get nothing done. With careful preparation, hard work, unremitting effort, and solid time invested, we can reach success.
The same is true for enterprise security construction and O&M. It is necessary to make overall plans for software and hardware selection and for the scope and content of information security construction.
Data (Information) Security
Operating (System) Security
Physical (Entity) Security
Plan and deploy these three aspects!


3. Strategically despise the enemy, tactically take the enemy seriously

In security O&M work, we can take this as a guiding principle. We need to put the difficulties first and deploy carefully. We must not fear the difficulties: despise them strategically, but take them seriously tactically and make the relevant preparations.

Complete enterprise system security protection in four steps

1. Linux File System Access Security

2. Linux Process Security

3. Linux User Management Security

4. Linux Log Management Security


4. Teacher yundun

Both administrators and information security personnel need to think from the hacker's perspective and monitor the security of systems and networks against attacks and external threats at the level of technical detail. In this way, we can be in a favorable position in actual O&M work and ensure the information security of the enterprise.

Common performance testing tools:

top: processor activity

uptime: average system load

free: memory usage

pmap: process memory usage

ulimit: system restrictions

mpstat: multi-processor usage

vmstat: system status

dmesg: hardware

traffic-vis: network monitoring

Cacti can collect all information such as cpu utilization, disk space, and web traffic data.


5. To do a good job, you must first sharpen your tools.

In enterprise Linux security O&M, there are actually many shortcuts: mastering some core concepts, frameworks, and methods, and making full use of existing open-source tools and commands for flexible, convenient, and efficient O&M that improves work efficiency.

1. Customized kernel

2. Secure Backup tools

BackupPC

Taper

Xtar

3. System Management Tool: sudo

4. Swiss Army knife in the network security field: netcat

5. Route Tracing Tool: traceroute

6. Operating System Identification Tool: xprobe

7. System Vulnerability discovery tool: SATAN


Conclusion: There are a lot of things that have never been used, and we are trying to improve our own technology. However, this book is very helpful to me. But O&M is half god, half fairy, and half migrant worker. However, in addition to technology, we also need to have good communication skills, good interpersonal relationships, and a clear understanding of your development position. It is very important for leaders to take the initiative, obey the leadership arrangements, and not report beyond the level!


This article is from the "technical control" blog, please be sure to keep this source http://chenhao6.blog.51cto.com/6228054/1312801
