Win 2000 3 Security Solutions for remote control

First, the introduction

We envision a remote control scenario: A company that has to place such a iisweb server, which is placed 300 of miles away. The server is a broadband network, air-conditioning devices, power control devices, the combination of the three server centers. This Network Service center is both stable and affordable, but requires customers to completely remotely control the server, this control is at any time, without having to run to the console to operate the server frequently. There are usually several problems with remote control, most notably the communication between the client machine and the host is transmitted over the Internet. This exchange of data may be sniffed by hackers; Another problem is that remote control of its own vulnerabilities (such as its open ports) can also cause cyber attacks. The ultimate goal of choosing a remote control scheme is to ensure that you, the gateway (just you), can control the server without causing other network attacks.

The remote control scheme security principles are as follows:

Ensuring security for remote control permissions

Remote control must be able to prevent unauthorized access. This means that remote management software only accepts a small range of IP address connections and requires user name and password control. The remote control security is further enhanced through the introduction of smart card phase customer verification. It can also be enhanced with some simple, out-of-the-box techniques, such as using non-standard ports to provide services or some security configuration that does not display service flags.

Ensure the integrity of remote exchange data

To prevent data loss in remote control, we must ensure the integrity and immediacy of remote control of server and client data transmission (that is, the data sent is reliable and not resend).

Ensure confidentiality of sensitive data transmissions

For remote control, the most important point is to ensure the confidentiality of sensitive data transmitted over the Internet. This will prevent the transmission of data packets will not be sniffed by hackers. This requires the use of robust and feasible encryption algorithms for session encryption. The advantage of this encryption is that even if an attacker sniffs the data. It's no use to the sniffer people.

Ensure that event logs are safe to audit

Good security audit can greatly improve the overall security of remote control, and the security hidden danger and technical crime to nip in the bud. The main purpose of the audit log is to let administrators know who has access to the system, what services are being used, and so on. This requires the server to have a sufficient, sufficiently secure log record for the remote control trail of the black mold that attempted to invade by technical crime.

Zebian: Bean Technology Application