Novice Portal Server System maintenance and Security Configuration

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

Security protection of hardware system

Hardware security issues can also be divided into two kinds, one is physical security, one is to set security.

1. Physical Security

Physical security is to prevent accidental events or man-made damage to specific physical devices, such as servers, switches, routers, cabinets, lines and so on. The key of the machine room and cabinet must be managed well, do not let irrelevant personnel enter the computer room at will, especially the network Center room, prevent man-made deliberate destruction.

2. Set up security

Setting security means making the necessary settings on the device (such as the server, the password of the switch, etc.) to prevent hackers from acquiring remote control of hardware devices. For example, many network management is often not in the server or network management of the switch to set the necessary password, know how to manage the Internet equipment management technology can be access to the network server or switch control, which is very dangerous. Because the router belongs to the access device, it must be exposed to the vision of Internet hacker attack, so we need to take more stringent security management measures, such as password encryption, strict loading access list, etc.

Security protection of software system

Compared with the hardware system, the security problem of the software system is the most and the most complicated. Here we will focus on the security of software systems.

TCP/IP protocols are now widely used in a variety of networks. But the TCP/IP protocol originated on the Internet, which was an open Internet for researchers in the early days and was a completely non-profit information-sharing carrier, so almost all Internet protocols did not consider security mechanisms. Another factor in network insecurity is that it is easy for people to obtain relevant core technical information from the Internet, especially the technical data about the Internet itself and various kinds of hacker software, which can easily cause network security problems.

Safety precautions

In the face of the endless network security problems we are not helpless, can start from the following several aspects, can be done in a preventive way.

1, install the patch program

Any operating system has vulnerabilities, as a network system administrator is responsible for the timely "patch" (Patch). Most small business servers use Microsoft's Windows nt/2000/2003 operating system, because they use a lot of people, so there are also a lot of bugs found, and there are also a lot of people who deliberately attack them. To make up for operating system vulnerabilities, Microsoft has provided a number of patches on its web site to download and install the associated upgrade packs online. For Windows2003, upgrade to SP1 at least, for Windows 2000, upgrade to Service Pack 2 at least, and upgrade to Service Pack 6 for Windows NT 4.0.

2. Installing and setting up firewalls

Now there are many hardware or software based firewalls, such as Huawei, Shenzhou Digital, Lenovo, rising and other manufacturers of products. For intranet, it is necessary to install a firewall. Firewalls have a good preventive effect on illegal access, but it's not the end of the firewall, but the need for appropriate settings to work. If you are not aware of the firewall settings, you will need technical support personnel to assist with Setup.

3. Install Network anti-virus software

Now the network virus is very rampant, presumably everyone has tasted the "Nimda" virus severe. This requires the network server to install a network version of anti-virus software to control the spread of the virus, at present, most anti-virus manufacturers (such as rising, Golden Chen, Trends, Symantec, Panda, etc.) have launched the network version of anti-virus software, at the same time, in the network version of anti-virus software use, must be regularly or timely upgrade anti-virus software.

4, Account and password protection

Account and password protection can be said to be the system's first line of defense, the current online most of the attacks on the system from the interception or guessing the password began. Once the hacker entered the system, then the previous defense measures almost no effect, so the server system administrator's account and password management is a very important measure to ensure system security.

System administrator password must be more digits, at least 8 digits above, and do not set it as an easy to guess password, such as your own name, date of birth, etc. For ordinary users, set certain account management policies, such as forcing users to change the password once a month. For some infrequently used accounts to be closed, such as anonymous login account.

5. Monitoring System Log

By running the System log program, the system records all the user's use of the system, including the most recent logon hours, the account used, and the activities carried out. The log program generates reports on a regular basis, and you can tell if there is an anomaly by analyzing the report.

6. Turn off unwanted services and ports

Server operating system in the installation, will start some unwanted services, which will occupy the system resources, but also increase the system's security risks. For servers that are completely unused during the holidays, you can shut down completely, and you should turn off unwanted services, such as Telnet, for the server you want to use during the holidays. Also, turn off TCP ports that are not necessary to open.

7, regular backup of the server

To prevent unpredictable system failures or careless user actions, the system must be backed up securely. In addition to a monthly backup of the system as a whole, a weekly backup of the modified data should be performed. At the same time, the modified important system files should be stored on different servers so that when the system crashes (usually the hard drive error), the system can be restored to normal state in a timely manner.