The malicious network behavior of the network server includes two aspects: first, malicious attacks, such as denial of service attacks, network viruses, etc., which are designed to consume server resources, affect the normal operation of the server, or even the network paralysis of the server; the other is malicious intrusion, This behavior will cause the server sensitive information leakage, the intruder is able to do whatever, wanton destruction of the server. So we want to ensure that the security of the network server can be said to minimize the network server is affected by these two behaviors.
(a) Build your hardware Security defense system
Choose a good security system model. A complete security model should include the following necessary components: firewalls, intrusion detection systems, routing systems, and so on.
The firewall plays a security role in the security system, can guarantee to a large extent from the network of illegal access and data traffic attacks, such as denial of service attacks, intrusion detection system is to play a role in the monitor, monitor your server access, very smart to filter out those with intrusion and attack nature of the visit.
(ii) Use of the English operating system
To know that Windows after all American Microsoft stuff that and Microsoft's things have always been known as bugs and Patch, the Chinese version of the bug far more than the English version, and the Chinese version of the patch has always been more than the English version of the night, that is, if your server is installed in the Chinese version of the Windows system, After Microsoft leaks, you'll need to wait a while to patch it up, and maybe hackers and viruses will use this time to invade your system.
How to prevent hackers from invading
First, there is no absolute security system in the world. We can only try to avoid being invaded, and to the greatest extent to reduce casualties.
(i) using the NTFS file system format
As we all know, the file system we usually use is fat or FAT32,NTFS, which is supported by the Microsoft Windows NT kernel's series of operating systems, and a disk format designed specifically for network and disk quotas, file encryption, and other management security features. In the NTFS file system, you can set access permissions for any single disk partition. Place your own sensitive information and service information on separate partitions. This way, even if hackers gain access to the disk partitions where your service files are located, you need to find ways to break the security settings of the system to further access sensitive information that is stored on other disks.
(b) Do a good job of system backup
As the saying goes, "preparedness", although no one wants the system suddenly destroyed, but not afraid of 10,000, just in case, make a good server system backup, in case of damage can also be timely recovery. From computer entry to proficient network www.58116.cn
(iii) Closure of unnecessary services, opening only the port
Shut down those services that are not necessary and do local management and group management. Windows system has many default services that are not necessarily open, or even dangerous, such as: The default shared Remote registry access (Registry service), the system a lot of sensitive information is written in the registration table, such as pcanywhere encryption password.
Close those unnecessary ports. Some seemingly unnecessary ports can disclose sensitive information about many operating systems to hackers, such as the IIS services that Windows Server defaults on to tell each other that your operating system is Windows 2000. Port 69 tells the hacker that your operating system is most likely a Linux or Unix system, because 69 is the port used by the default TFTP service under these operating systems. Further access to the port can also return some information about the software and its version on the server, which provides a great help for hacking. In addition, open ports are more likely to become hackers into the server portal. In short, do a good job of TCP/IP port filtering not only helps prevent hackers, but also to prevent the virus has some help.
IV software firewalls, anti-virus software
Although we already have a hardware defense system, but a few more "bodyguards" is not a bad thing.
(v) Open your event log
Although opening the log service does not directly affect the hacker's intrusion, but by recording the whereabouts of the hackers, we can analyze what the intruders have done on our system, what damage and hidden problems the system has caused, and what kind of backdoor the hacker has left on our system. What security vulnerabilities are there in our servers, and so on. If you are a master, you can also set up a secret tank, waiting for hackers to invade, in his invasion when he caught him.