Server system maintenance and security configuration)

I. Hardware System Security Protection

There are two types of hardware security problems: physical security and security.

1. Physical Security

Physical security refers to preventing accidents or man-made damages to specific physical devices, such as servers, switches, routers, cabinets, and lines. The keys of the data center and Cabinet must be properly managed. Do not allow irrelevant personnel to enter the data center at will, especially the network center data center, to prevent deliberate damage.

2. Set security

Security Setting refers to making necessary settings (such as passwords of servers and switches) on the device to prevent hackers from obtaining remote control of the hardware device. For example, many network administrators often do not set the necessary passwords on servers or vswitches that can be managed by network administrators. People who know network device management technology can gain control over servers or vswitches through the network, this is very dangerous. Because a router is an access device, it must be exposed to the field of view of internet hacker attacks. Therefore, stricter security management measures, such as password encryption and strict access list loading, must be taken.

2. Software System Security Protection

Compared with hardware systems, software systems have the most security problems and are also the most complex. Next we will focus on the security of software systems.

The TCP/IP protocol is widely used in various networks. However, the TCP/IP protocol originated from the Internet, and the Internet was an open Internet for researchers in its early days. It was a completely non-profit information sharing carrier, therefore, almost all Internet protocols do not consider security mechanisms. Another cause of network insecurity is that people can easily obtain the relevant core from the Internet.Technical materialsIn particular, the technical information related to the Internet and various hacker software can easily cause network security problems.

Iii. Security Protection Measures

In the face of endless cybersecurity problems, we are not helpless. We can start from the following aspects to prevent problems before they happen.

1. Install patchesProgram

Any operating system has vulnerabilities. As a network system administrator, it is the responsibility to promptly add patches. Most SME servers use Microsoft's Windows NT/2000/2003 operating systems. Because there are a large number of users, many bugs are found. At the same time, there are also a lot of people who deliberately attack them. To compensate for operating system security vulnerabilities, Microsoft provides many patches on its website, which can be downloaded and installed online. For Windows2003, upgrade to SP1 at least. For Windows 2000, upgrade to Service Pack 2 at least. For Windows NT 4.0, upgrade to Service Pack 6 at least.

2. Install and set a firewall

Currently, there are many hardware or software-based firewalls, such as Huawei, Digital China, Lenovo, and rising products. For enterprise intranets, firewall installation is essential. The firewall has a good preventive effect on illegal access, but it does not mean everything is fine after the firewall is installed, but requires proper settings to take effect. If you do not know how to configure the firewall, ask the technical support staff to help you set the firewall.

3. install network anti-virus software

Nowadays, the virus on the network is very rampant, and everyone must have tasted the "Nimda" virus. Therefore, You Need To Install antivirus software on the network server to control the spread of viruses. Currently, most anti-virus vendors (such as rising star, Crown group jinchen, trend, Symantec, and pandatv) anti-Virus Software of the network version has been released. At the same time, in the use of anti-virus software of the network version, the anti-virus software must be upgraded on a regular or timely basis.

4. account and password protection

Account and password protection can be said to be the first line of defense of the system. At present, most of the attacks to the system on the Internet start from interception or password speculation. Once a hacker enters the system, the preceding defense measures are useless. Therefore, managing the account and password of the server system administrator is an important measure to ensure system security.

The system administrator password must have at least eight or more digits, and should not be set to a password that is easy to guess, such as the name and date of birth. For common users, set certain account management policies, such as forcing users to change their passwords once a month. If you want to close an account that is not commonly used, such as an anonymous logon account.

5. Monitor System Logs

By running the system logging program, the system will record all users' usage of the system, including recent logon times, accounts used, and activities. The log program periodically generates reports. By analyzing the reports, you can check whether exceptions occur.

6. disable unnecessary services and ports

When the server operating system is installed, it starts unnecessary services, occupying system resources and increasing system security risks. You can close servers that are not used during the holidays. Do not use services that are not needed during the holidays, such as telnet. In addition, you must disable the TCP port that is not necessary.

7. Regularly back up the server

To prevent unexpected system faults or users' improper operations, the system must be backed up securely. In addition to monthly backup for the entire system, you must back up the modified data once a week. At the same time, you should store the modified important system files on different servers so that the system can be restored to normal in time when a system crash occurs (usually a hard disk error occurs.

From http://www.netboy365.com/