Several ways to prevent Server Overflow and reduce the possibility

　　Server Information of the Fire Station Building Institute (bkjia.com)Overflow is a problem caused by the deficiencies in the design of the program designer. Overflow is also a permanent pain for the operating system and application software. Today, when hackers frequently attack and system vulnerabilities emerge in an endless stream, no one can guarantee that the operating system and applications will not overflow. Since overflow is inevitable and the threshold for using overflow attacks is low, people with certain computer bases can use tools to complete an overflow attack. In this way, the computer system is at risk of being overflows at any time, especially if the server that bears the heavy responsibility is infiltrated by overflow, the consequences will be unimaginable. We can't sit still. As a network manager, we should take measures to minimize the possibility of Server Overflow.

　　1. What is overflow:

Overflow is a vulnerability in the operating system used by hackers. A program is specially developed. After running the program with corresponding parameters, you can gain control of your computer as an administrator, everything you can run on your computer can be done by him. It means that your computer is yours.

　　How to Prevent Server Overflow:

1. Patch required:

Patches for system vulnerabilities are completed to the maximum extent possible. servers of the Microsoft Windows Server series can enable the automatic update service, then, the server is automatically connected to the Microsoft Update Website for patch updates within a specified period of time. If the server prohibits External Internet connections for security reasons, you can use the Microsoft WSUS service to upgrade the internet.

2. minimal service:

The minimum number of services is equal to the maximum security. All unwanted system services and applications are stopped to minimize the attack factor on the server. For example, the NDS overflow caused many servers to crash. In fact, if a WEB server does not use the DNS service at all, you can stop the DNS service so that DNS overflow does not pose any threat to your server.

3. Port Filtering:

Enable TCP/IP port filtering and only open common TCP ports such as 21, 80, 25, 110, and 3389 on the server. If the security requirement is higher, you can disable the UDP port, of course, if this problem occurs, it is inconvenient to connect to the external server. We recommend that you use IPSec to block UDP. In protocol filtering, only TCP, UDP, and RDP protocols are allowed. Other useless protocols are not enabled.

4. system firewall:

Enable the IPSec Policy, perform security authentication for the server connection, and add double insurance to the server. Block some dangerous ports, such as 135 145 139 445 and UDP external connections, and encrypt and communicate with only trusted IP addresses or networks. Using IPSec to prohibit external access to UDP or TCP ports that are not commonly used can effectively prevent bounce Trojans.

5. System Command Defense:

Delete, move, rename, or use the Access Control table column Access Control Lists (ACLs) to Control key system files, commands, and folders:

And regedit.exe1_regsvr32.exe to further control the server. Such as adding accounts and cloning administrators. We can delete or rename these command programs. 4 t (B + L/O-y.

Tip: Stop the File Replication Service (FR) or delete or rename the corresponding file under % windir % system32dllcache. I love the computer technology community-creating the best power

(22.16.pdf) also moves the. exe file to the specified folder, which is also convenient for later use by the Administrator.

(3) access control table column ACLS control:

Hacker files commonly used by hackers are defined in "properties" → "security" for the ACLs users they access, for example, only the administrator has the right to access, if you need to prevent overflow attacks and illegal exploitation of these files after the overflow is successful, you only need to deny access to the system users in ACLs.

• 2 pages in total:
• Previous Page
• 1
• 2
• Next Page