How Do I Improve my Network Security?
Computer network is an important means and way for people to understand society and obtain information through modern information technology. Network security management is the fundamental guarantee that people can access the Internet safely, green, and healthy.
Network Security Management
(A way to protect network security)
- The specific contents of the network security management regulations are:
- Organize staff to earnestly study the "Administrative Measures for International Internet Security Protection of Computer Information Networks" to increase staff vigilance and consciousness in maintaining network security.
- Responsible for the security education and training of the network users, so that users consciously comply with and maintain the "Computer Information Network International Internet Security Protection Management Measures", so that they have basic network security knowledge.
- Strengthen the release of information and
- Protocol Unicom Technology
- International
- WinShield escorts internal information security
- Relying on the terminal monitoring system, WinShield integrates terminal management, network management, content management, asset management and other functions in a unified management platform system.
- WinShield uses active discovery and active defense methods to manage information assets. Terminals and files are the main focus of information security protection, and the life cycle of information assets is tracked and protected. It is a program designed to ensure the security of internal information assets. product.
- Six functions
- Terminal management includes
- Features
- Designed in accordance with the information asset management model and security standards
- WinShield starts with
- 1. Organize staff to study "
- 1.Encryption ensures data is protected
- Encrypting data is an important part of protecting it, but it is not without errors. Jon Orbeton is a senior security researcher at Zone Labs, which develops ZoneAlarm firewall software. He supports encryption, but warns that hackers are becoming more sophisticated with sniffer and can intercept SSL and SSL transaction signals and steal encrypted data. Although encryption helps protect stolen data from being read, there are several loopholes in encryption standards. As long as hackers have the right tools, they can drill into these holes. "Hackers are trying to avoid security mechanisms," Orbeton said.
- 2.Firewalls make the system as solid as possible
- SteveThornburg, an engineer at Mindspeed Technologies, which develops semiconductor networking solutions, said: "Many people say: 'We have a firewall.' But no matter how good a firewall is, traces of IP data passing through them can still be read." By tracking the IP traces that contain the system's network address, you can understand the details of the server and the computers connected to them, and then use this information to drill down holes in network vulnerabilities.
- It seems that firewall and encryption alone are not enough. Network administrators must not only ensure that the software version they run is the latest and most secure, but also pay attention to the operating system's vulnerability reports from time to time, and pay close attention to the network to look for signs of suspicious activity. In addition, they should give clear guidance to end users who use the network, and advise them not to install new software that has not been tested, open executable attachments to emails, access file sharing sites, run peer-to-peer software, and configure their own remote Access programs and insecure wireless access points, and more.
- The problem, Thornburg said, is that few companies are willing to invest the financial and human resources to stay safe. "They know it's not going to be popular because it reduces productivity," he said. "Cost is the main issue because these companies focus on the bottom line."
- 3. Hackers ignore old software
- Some people think that if you run an old system, you will not be a target for hackers, because hackers only focus on the more widely used software, and these software versions are newer than what we are using.
- This is not the case, Johannes Ullrich said. He is the CTO of the SANS Internet Storm Center, a security analysis and early warning service that issues warnings about security breaches and errors. He reminded hackers that a web server that has not been recently updated or patched is a common point of attack. "Many older versions of Apache and IIS (Internet Information Server) are subject to buffer overflow attacks."
- If the storage space cannot handle too much information, an overflow will occur and a buffer overflow problem will occur. Extra information always overflows somewhere, so hackers can use the system's vulnerabilities and let extra information enter where it shouldn't. Although Microsoft released patches to buffer overflow issues a few years ago, there are still many older systems that are not patched.
- 4.Mac is very safe
- Many people also think that their Mac system is not as vulnerable to hackers as the old system. However, many Macs run Windows programs such as Microsoft Office or are networked with Windows machines. In this way, Macs will also inevitably encounter the vulnerabilities faced by Windows users. As Gary McGraw, CTO of security expert Cigital, said: "It's only a matter of time" that cross-platform viruses targeting Win32 and OS X will emerge.
- The Mac OS X environment is also vulnerable, even if it is not running Windows software. A recent report from Symantec found that Mac OS X identified 37 vulnerabilities in 2004. The company warned that such vulnerabilities could increasingly be targeted by hackers, especially as Mac systems became more popular. For example, in October 2004, a hacker wrote a script virus called Opener. The script can disable the Mac OS X firewall, obtain personal information and passwords, open the back door so that you can control the Mac remotely, and it may also delete data.
- 5.Security tools and software patches make everyone more secure
- Some tools allow hackers to "reverse-engineer" patches released by Microsoft through its Windows Update service. By comparing changes in patches, hackers can figure out how a patch addresses a vulnerability and then figure out how to use the patch.
- Marty Lindner, Incident Processing Team Coordinator of the Computer Emergency Response Team Coordination Center at the Software Engineering Institute at Carnegie Mellon University, said: "The new tools that are being developed today revolve around a common theme: scanning for vulnerabilities. Scanning the Internet , List the vulnerable machines in detail. The tools developed assume that each machine is vulnerable to a certain vulnerability, and then simply run the tool. Every system has vulnerabilities; nothing is 100% secure. "
- Among the tools commonly used by hackers is Google, which can search and find vulnerabilities in many websites, such as the server login page in the default state. Someone used Google to look for insecure webcams, web vulnerability assessment reports, passwords, credit card accounts, and other sensitive information. New variants of the Santy worm and MyDoom have recently taken advantage of Google hacking. Even sites like this have begun to emerge, providing links to places that introduce more and more Google hacking techniques.
- 6. Security Management in the Cloud Era
- In the cloud era, we need to follow the basic logic of the information security management system. We need to establish a comprehensive information security management system for the information system that carries cloud computing applications, and improve the management capabilities, security protection capabilities, and operation and maintenance capabilities of IT managers. . In our country, the hierarchical protection system has become an important standard and specification that computer information systems must follow to implement security management. Therefore, implementing a hierarchical protection policy for important web servers is an important security measure to ensure that the cloud serves the public and society better.
IN OTHER LANGUAGES