Network server Security maintenance skills of the basic article

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

First, we can analyze the malicious network behavior of the network server includes two aspects: first, malicious attacks, such as denial of service attacks, network viruses, etc., which are designed to consume server resources, affect the normal operation of the server, or even the network paralysis of the server; the other is malicious intrusion, This behavior will cause the server sensitive information leakage, the intruder is able to do whatever, wanton destruction of the server. So we want to ensure that the security of the network server can be said to minimize the network server is affected by these two behaviors.

(a) Build your hardware Security defense system

Choose a good security system model. A complete security model should include the following necessary components: firewalls, intrusion detection systems, routing systems, etc.

The firewall plays a security role in the security system, can guarantee to a large extent from the network of illegal access and data traffic attacks, such as denial of service attacks, intrusion detection system is to play a role in the monitor, monitor your server access, very intelligent filter out those with intrusion and attack nature of the visit.

(ii) Use of the English operating system

To know that Windows after all American Microsoft stuff that and Microsoft's things have always been known as bugs and Patch, the Chinese version of the bug far more than the English version, and the Chinese version of the patch has always been more than the English version of the night, that is, if your server is installed in the Chinese version of the Windows system, After Microsoft leaks, you'll need to wait a while to patch it up, and maybe hackers and viruses will use this time to invade your system.

How to prevent a network server from being hacked:

1 using the NTFS file system format

As we all know, the file system we usually use is fat or FAT32,NTFS, which is supported by the Microsoft Windows NT kernel's series of operating systems, and a disk format designed specifically for network and disk quotas, file encryption, and other management security features. In the NTFS file system, you can set access permissions for any single disk partition. Place your own sensitive information and service information on separate partitions. This way, even if hackers gain access to the disk partitions where your service files are located, you need to find ways to break the security settings of your system to further access sensitive information that is stored on other disks.

2 Do the system backup

As the saying goes, "preparedness", although no one wants the system suddenly destroyed, but not afraid of 10,000, just in case, make a good server system backup, in case of damage can also be timely recovery.

3 off unnecessary service, only open the port

Shut down those services that are not necessary and do local management and group management. Windows system has many default services that are not necessarily open, or even dangerous, such as: The default shared Remote registry access (Registry service), the system a lot of sensitive information is written in the registration table, such as pcanywhere encryption password.

Close those unnecessary ports. Some seemingly unnecessary ports, you can disclose many operating system sensitive information to hackers, such as Windows Server default to open the IIS service to tell each other that your operating system is windows Port 2000.69 tells the hacker that your operating system is most likely a Linux or Unix system, because 69 is the port used by the default TFTP service under these operating systems. Further access to the port can also return some information about the software and its version on the server, which provides a great help for hacking. In addition, open ports are more likely to become hackers into the server portal.

In short, do a good job of TCP/IP port filtering not only helps prevent hackers, but also to prevent the virus has some help.

4 software firewall, antivirus software

Although we already have a hardware defense system, but a few more "bodyguards" is not a bad thing.

5 Open your Event log

Although opening the log service does not directly affect the hacker's intrusion, but by recording the whereabouts of the hackers, we can analyze what the intruders have done on our system, what damage and hidden problems the system has caused, and what kind of backdoor the hacker has left on our system. What security vulnerabilities are there in our servers, and so on. If you are a master, you can also set up a secret tank, waiting for hackers to invade, in his invasion when he caught him.

6 Help yourself with external force

If your system has all the security done, but you still do not trust, or there are security problems to do. I think it is better to find your friends to help you maintain, or to find some professional server security generation, such as A5 server generation http://safe.admin5.com on the site is very high, you can try.

Finally, I have collected a few servers and Web site security Technology Group:: ①27805343②84814264③75927060④84815626⑤84815663⑥40702240 Super Group (17696688), I hope to give you some help!~