This article is mainly an introduction to DDoS prevention. Over the previous two days I saw this DDoS prevention overview on a relevant website, thought it was very good, and am sharing it with everyone. The main content is described in detail below; I hope you will have a deeper understanding of the topic after reading it.

1. Ensure that all servers run the latest system version and have security patches applied. The Computer Emergency Response Coordination Center found that almost every DDoS-attacked system was not patched in time.

2. Ensure that the administrator inspects all hosts, not only critical ones. The administrator needs to know what each host system is running, who is using the host, and who can access it. Otherwise, even if hackers break into the system, the intrusion is difficult to identify.

3. Ensure that unused services such as FTP or NFS are removed from the appropriate directory or file database of the server. Daemons such as FTPD have known vulnerabilities that let hackers gain privileged access to the system through root attacks and then access other systems, even those protected by firewalls.

4. Ensure that all services running on UNIX have TCP wrapper programs that restrict access to the host.

5. Forbid the intranet from connecting to the PSTN system through a modem. Otherwise, hackers can find unprotected hosts over the phone line and instantly access extremely confidential data.

6. Prohibit network access programs such as Telnet, FTP, Rsh, Rlogin, and RCP, and replace them with PKI-based access programs such as SSH. SSH does not send passwords over the network in clear text, whereas Telnet and rlogin do, and hackers can search for these passwords to instantly access important servers on the network. In addition, the .rhosts and hosts.equiv files should be deleted on Unix, because these files provide login access without guessing the password.

7. Limit network file sharing outside the firewall. Such sharing gives the hacker the opportunity to intercept a system file and replace it with a Trojan horse, which is no different from the file transfer function.

8. Make sure you have an up-to-date network topology map on hand. This map should detail the TCP/IP addresses, hosts, routers, and other network devices, and should include the network boundary, the Demilitarized Zone (DMZ), and the confidential internal part of the network.

9. Run a port mapper or port scanner on the firewall. Most incidents are caused by improper firewall configuration, which makes the DoS/DDoS attack success rate very high, so you must carefully check both the privileged and the unprivileged ports.

10. Check the logs of all network devices and host/server systems. If a log shows gaps or its timestamps have changed, it is almost certain that the security of the associated host is under threat.

11. Use equipment from a DDoS device provider.

Unfortunately, no network can be protected from DDoS attacks at the moment, but if the above measures are taken, they can have a certain preventive effect. That concludes this introduction to DDoS prevention; I hope you have gained something from it.

Responsible editor: Sun Chaohua, TEL: (010) 68476606
Original: DDoS prevention compact version
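Items 3, 4 and 6 of the checklist can be verified with a short audit script. The following is an added example, not part of the original article: the function names, the audited-root argument and the sample files are constructed, and it assumes services are started from a classic /etc/inetd.conf with tcpd as the TCP wrapper.

```shell
#!/bin/sh
# Added example: audit a Unix file tree for checklist items 3, 4 and 6.
# All function names and the sample tree are constructed for illustration.

# Item 6: trust files that grant login without a password.
find_trust_files() {
    ( cd "$1" || exit 0
      [ -f etc/hosts.equiv ] && echo etc/hosts.equiv
      find root home -type f -name .rhosts 2>/dev/null | sort )
    return 0
}

# Items 3 and 6: clear-text or unused services still enabled in inetd.conf
# (shell/login/exec are the inetd names for rsh and rcp, rlogin, rexec).
legacy_services() {
    [ -f "$1/etc/inetd.conf" ] || return 0
    awk '$1 ~ /^(telnet|ftp|shell|login|exec)$/ { print $1 }' "$1/etc/inetd.conf"
}

# Item 4: enabled services whose server program is not the TCP wrapper tcpd.
unwrapped_services() {
    [ -f "$1/etc/inetd.conf" ] || return 0
    awk '$1 !~ /^#/ && NF >= 6 && $6 !~ /\/tcpd$/ { print $1 }' "$1/etc/inetd.conf"
}

# Constructed sample host: one wrapped and one unwrapped legacy service,
# one disabled service, and two trust files.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc" "$t/root" "$t/home/alice"
    echo 'buildhost.example' > "$t/etc/hosts.equiv"
    echo 'buildhost.example alice' > "$t/home/alice/.rhosts"
    cat > "$t/etc/inetd.conf" <<'EOF'
ftp     stream tcp nowait root /usr/sbin/tcpd        in.ftpd
telnet  stream tcp nowait root /usr/sbin/in.telnetd  in.telnetd
#shell  stream tcp nowait root /usr/sbin/tcpd        in.rshd
login   stream tcp nowait root /usr/sbin/tcpd        in.rlogind
EOF
    echo "$t"
}

tree=$(make_sample_tree)
echo "Trust files to delete:";     find_trust_files "$tree"
echo "Legacy services to remove:"; legacy_services "$tree"
echo "Services without tcpd:";     unwrapped_services "$tree"
rm -rf "$tree"
```

To audit a real host, pass `/` (or the mount point of a disk image) to each function instead of the sample tree.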