Tools for maintaining network security include VIEID, digital certificates, digital signatures, and local or cloud-based anti-virus software. In terms of laws, there are the Computer Information System Security Protection Regulations of the People's Republic of China and the Electronic Signature Law of the People's Republic of China.
Firewall
An Internet firewall is a system (or group of systems) that enhances the security of an organization's internal network. The firewall system determines which internal services can be accessed by the outside world; who from the outside can access which internal services, and which external services can be accessed by internal personnel. For a firewall to be effective, all information from and to the Internet must pass through the firewall and be inspected by the firewall. A firewall only allows authorized data to pass through, and the firewall itself must be impervious to penetration.
Internet firewalls are responsible for managing access between the Internet and the organization's internal network. Without a firewall, each node on the internal network is exposed to other hosts on the Internet and is extremely vulnerable to attacks. This means that the security of the internal network is determined by the strength of each host, and is as secure as the weakest system among them.
Internet firewalls allow network administrators to define a central "control point" to prevent illegal users, such as hackers and network saboteurs, from entering the internal network, to ban security-vulnerable services from entering and exiting the network, and to fight attacks from a variety of routes. Internet firewalls can simplify security management: network security is reinforced on the firewall system instead of being distributed across all hosts in the internal network.
The firewall can easily monitor the security of the network and generate alarms. (Note: For an internal network connected to the Internet, the important question is not whether the network will be attacked, but when, and by whom.) The network administrator must audit and record all important information that passes through the firewall. If network administrators cannot respond to alarms promptly and review routine records, the firewall is ineffective. In this case, the network administrator will never know if the firewall is compromised.
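The access-control and audit roles described above can be sketched together. This is an added example, not part of the original article: the internal range, the rule table, the alarm threshold and the sample packets are all constructed assumptions.

```python
import ipaddress
from collections import Counter

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range

# Constructed policy: outsiders may reach only the web and mail servers;
# internal users may reach only external web and DNS services.
RULES = [
    ("inbound", "tcp", 443, "allow"),
    ("inbound", "tcp", 25, "allow"),
    ("outbound", "tcp", 443, "allow"),
    ("outbound", "udp", 53, "allow"),
]

def direction(src, dst):
    s = ipaddress.ip_address(src) in INTERNAL
    d = ipaddress.ip_address(dst) in INTERNAL
    if s and not d:
        return "outbound"
    if d and not s:
        return "inbound"
    return None  # neither clearly inbound nor outbound: matches no rule

def decide(src, dst, proto, dport):
    d = direction(src, dst)
    for rule_dir, rule_proto, rule_port, action in RULES:
        if (d, proto, dport) == (rule_dir, rule_proto, rule_port):
            return action
    return "deny"  # default deny: only explicitly authorized data passes

def audit(packets, threshold=3):
    """Record every decision; flag sources with >= threshold denied packets."""
    log, denied = [], Counter()
    for src, dst, proto, dport in packets:
        action = decide(src, dst, proto, dport)
        log.append((src, dst, proto, dport, action))
        if action == "deny":
            denied[src] += 1
    return log, sorted(s for s, n in denied.items() if n >= threshold)

# Constructed sample traffic (documentation address ranges).
PACKETS = [
    ("203.0.113.7", "10.0.0.5", "tcp", 443),
    ("203.0.113.9", "10.0.0.5", "tcp", 23),
    ("203.0.113.9", "10.0.0.6", "tcp", 3389),
    ("203.0.113.9", "10.0.0.7", "tcp", 445),
    ("10.0.1.20", "198.51.100.4", "tcp", 443),
    ("10.0.1.20", "198.51.100.4", "tcp", 6667),
]
```

Calling `audit(PACKETS)` returns the full decision log plus the sources that crossed the alarm threshold, which is the record an administrator would review.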
An Internet firewall is a logical place to deploy a NAT (Network Address Translator). Therefore, firewalls can be used to alleviate the problem of address space shortage and eliminate the trouble of re-addressing when organizations change ISPs.
An Internet firewall is a great place to audit and log Internet usage. Network administrators can provide management departments with the cost of Internet connections, identify potential bandwidth bottlenecks, and provide department-level billing based on the organization's accounting model.
In terms of design concept, the firewall is application-focused and security-based, which means that it must support as many applications as possible to ensure the security of use. This design concept of the firewall allows it to be widely used in as many fields as possible, with a wider market, and can even be used on personal computers, but its security is often not satisfactory. The gatekeeper focuses on security and supports as many applications as possible while ensuring security. Gatekeepers are mainly used in areas with extremely high security requirements, such as the protection of government networks, industrial control systems, etc.
Security Policy
A firewall is not just a combination of a router, a bastion host, or any device that provides network security. A firewall is a part of a security policy.
The security policy establishes a comprehensive defense system, even including: informing users of their responsibilities, company-specified network access, service access, local and remote user authentication, dial-in and dial-out, disk and data encryption, virus protection measures, and employee training. All places that may be vulnerable to attack must be protected with the same level of security.
If only a firewall system is set up without a comprehensive security strategy, the firewall will be ineffective.
System security
Security control of the operating system: such as the password entered by the user at startup (some microcomputer motherboards have a "universal password"), and control of read and write access to files (such as the file attribute control mechanism of Unix systems).
Security control of network interface module.
Securely control network communication processes from other machines in a network environment. Mainly including: identity authentication, customer permission setting and identification, audit logs, etc.
Security control of network interconnection equipment. Safely monitor and control the transmission information and operating status of all hosts in the entire subnet. This is mainly achieved through network management software or router configuration.
E-commerce
E-commerce security can be divided into two parts as a whole: computer network security and business transaction security.
(1) Computer network security includes:
(1) No operating system-related security configuration is performed
No matter what operating system is used, a default installation will have some security issues. Only by carrying out relevant and strict security configuration specifically for the security of the operating system can a certain level of security be achieved. Never assume that an operating system installed with default settings is safe just because it is coupled with a strong password system. Vulnerabilities and "backdoors" in network software are the preferred targets for network attacks.
(2) No CGI program code audit was performed
General CGI problems are slightly easier to prevent, but many CGI programs specially developed by websites or software vendors have serious CGI problems. For e-commerce sites, there will be serious consequences such as malicious attackers pretending to use other people's accounts for online shopping.
(3) Denial of Service (DoS, Denial of Service) attack
With the rise of e-commerce, the real-time requirements for websites are getting higher and higher, and the threat that DoS or DDoS poses to websites is growing. The effect of attacks aimed at paralyzing networks is stronger and more destructive than any traditional methods of terrorism and war, causing harm faster and more widely, while the risk to the attackers themselves is very small; they can even disappear without a trace before the attack begins, leaving the other party with no possibility of retaliating.
(4) Improper use of security products
Although many websites use some network security equipment, these products do not have the effect they should, due to problems with the security products themselves or with how they are used. The products of many security manufacturers have very high requirements for the technical background of configuration personnel, exceeding the technical requirements for ordinary network management personnel. Even if the manufacturers initially provide users with correct installation and configuration, once the system is changed and the settings of the related security products need to be modified, it is easy to create many security issues.
(5) Lack of strict network security management system
The most important thing about network security is to attach great importance to it ideologically. The security within the website or local area network needs to be guaranteed by a complete security system. Establishing and implementing strict computer network security systems and strategies is the basis for truly realizing network security.
(2) Computer business transaction security includes:
(1) Stealing information
Since encryption measures are not used, data information is transmitted in plain text on the network. The intruder can intercept the transmitted information at the gateway or router through which the data packet passes. Through repeated theft and analysis, the patterns and formats of the information can be found, and then the content of the transmitted information can be obtained, causing the leakage of information transmitted online.
(2) Tampering with information
After the intruder has mastered the format and rules of the information, he will use various technical means and methods to modify the information data transmitted on the network midway and then send it on to the destination. This method is not new and can be done on a router or gateway.
(3) Impersonation
Since the attacker has mastered the format of the data and can tamper with the passed information, the attacker can pretend to be a legitimate user to send fake information or actively obtain information, while remote users often find it difficult to tell the difference.
(4) Malicious destruction
Since attackers can access the network, they may modify the information in the network, master confidential information on the Internet, and even sneak into the network. The consequences are very serious.
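The tampering and impersonation threats above are what message authentication is meant to detect. The following is an added example, not part of the original article: it uses an HMAC over a pre-shared key as a stand-in for the digital signatures mentioned at the top of the page, and the key, message format and sequence-number scheme are assumptions. It gives integrity and origin checks only; it does not stop the eavesdropping described under "Stealing information", which requires encryption.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumed pre-shared key, for illustration only

def seal(order, seq, key=KEY):
    """Sender: serialise the order with a sequence number and attach a MAC."""
    body = json.dumps({"seq": seq, "order": order}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body, tag

def accept(body, tag, last_seq, key=KEY):
    """Receiver: return (ok, reason); rejects altered, forged and replayed messages."""
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return False, "bad MAC: altered in transit or sent without the key"
    if json.loads(body)["seq"] <= last_seq:
        return False, "replay: sequence number already seen"
    return True, "ok"

def demo():
    body, tag = seal({"account": "alice", "item": "book", "amount": 20}, seq=1)
    results = {"genuine": accept(body, tag, last_seq=0)[0]}
    # Tampering: a node on the path rewrites the amount but cannot recompute the tag.
    tampered = body.replace(b'"amount": 20', b'"amount": 2000')
    results["tampered"] = accept(tampered, tag, last_seq=0)[0]
    # Impersonation: an order sealed by someone who does not hold the real key.
    fbody, ftag = seal({"account": "alice", "item": "tv", "amount": 1}, 2, key=b"guess")
    results["forged"] = accept(fbody, ftag, last_seq=1)[0]
    # Replay: the genuine message is resent after it was already processed.
    results["replayed"] = accept(body, tag, last_seq=1)[0]
    return results
```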
Protocol security
TCP/IP protocol data stream is transmitted in clear text.
Source address spoofing or IP spoofing.
Source Routing spoofing.
Routing Information Protocol Attacks (RIP Attacks).
Authentication Attacks.
TCP Sequence number spoofing.
TCP SYN Flooding Attack, referred to as SYN attack.
Ease of spoofing.