Seven steps to make the server system more secure

Source: Internet
Author: User
Tags log system log administrator password password protection firewall backup

Server security has always been a hot topic of concern, although server security issues are tricky, but we are not at our wits ' turn. I think your friends can start from the following aspects, you can do it in a preventive way. Any operating system has vulnerabilities, as a network system administrator has the responsibility to timely "patch". Most SMB servers use Microsoft's WINDOWS2000/2003 operating system, because there are so many people who use them, so there are a lot of bugs to be found, and there are plenty of people who deliberately attack them. Server security has always been a hot topic of concern, although server security issues are tricky, but we are not at our wits ' turn. I think you can do it in the following ways.

1, install the patch program

Any operating system has vulnerabilities, as a network system administrator has the responsibility to timely "patch". Most SMB servers use Microsoft's WINDOWS2000/2003 operating system, because there are so many people who use them, so there are a lot of bugs to be found, and there are plenty of people who deliberately attack them. To make up for operating system vulnerabilities, Microsoft has provided a number of patches on its web site to download and install the associated upgrade packs online. For Windows2003, upgrade to SP1 at least, and for Windows2000, upgrade to ServicePack2 at least.

2. Installing and setting up firewalls

Now there are many hardware or software based firewalls, such as Huawei, Shenzhou Digital, Lenovo, rising and other manufacturers of products. For intranet, it is necessary to install a firewall. Firewalls have a good preventive effect on illegal access, but it's not the end of the firewall, but the need for appropriate settings to work. If you are not aware of the firewall settings, you will need technical support personnel to assist with Setup.

3. Install Network anti-virus software

Now the virus is rampant on the network, this needs to install the network version of anti-virus software on the network to control the spread of the virus, at present, most anti-virus manufacturers (such as rising, Golden Chen, Trends, Symantec, Panda, etc.) have launched the network version of antivirus software. At the same time, in the network version of anti-virus software use, must be regularly or timely upgrade anti-virus software.

4, Account and password protection

Account and password protection can be said to be the system's first line of defense, the current online most of the attacks on the system from the interception or guessing the password began. Once the hacker entered the system, then the previous defense measures almost no effect, so the server system administrator's account and password management is a very important measure to ensure system security.

The system administrator password must be more digits, at least 8 digits above, and do not set it as an easy to guess password, such as your own name, date of birth, etc. For ordinary users, set up a certain number of account management policies, such as forcing users to change the password once a month. For some infrequently used accounts to be closed, such as anonymous login account.

5. Monitoring System Log

By running the System log program, the system records all the user's use of the system, including the most recent logon hours, the account used, and the activities carried out. The log program generates reports on a regular basis, and you can tell if there is an anomaly by analyzing the report.

6. Turn off unwanted services and ports

Server operating system in the installation, will start some unwanted services, which will occupy the system resources, but also increase the system's security risks.

For servers that are completely unused during the holidays, you can shut down completely, and you should turn off unwanted services, such as Telnet, for the server you want to use during the holidays. Also, turn off TCP ports that are not necessary to open.

7, regular backup of the server

To prevent unpredictable system failures or careless user actions, you must make a secure backup of your system. In addition to a monthly backup of the system as a whole, a weekly backup of the modified data should be performed. At the same time, the modified important system files should be stored on different servers so that when the system crashes (usually the hard drive error), the system can be restored to normal state in a timely manner.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.