Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Intrusion prevention network server security maintenance tips     - Linux scheduling summary (Linux)

- Django1.8 return json json string and the string contents of the received post (Programming)

- Ubuntu the ARP (arptables) (Linux)

- Installation Elementary OS Freya 20 things to do (Linux)

- To create someone else can not afford to delete the administrator user (Linux)

- Oracle database NUMBER (x, y) data types (Database)

- Linux installation Jetty deployment under RedHat5 8 (Linux)

- Intrusion analysis and prevention tools Knark under Linux platform (Linux)

- How Linux system password security guarantee (Linux)

- Linux Kernel 4.2.2 compiler installation tutorial (Linux)

- Linux in order to make NMAP hide and seek with the firewall (Linux)

- Linux find command usage summary (Linux)

- CentOS Set the Mono environment variable (Server)

- How to update the ISPConfig 3 SSL Certificates (Server)

- Dockerfile use to build a mirror-based CentOS 7 (Linux)

- Linux System Getting Started Learning: the Linux Wireshark interface dead solve (Linux)

- Modify Linux terminal prompt path length (Linux)

- rsync + inotify to achieve real-time synchronization (Server)

- Terminal multiplexing tool tmux use (Linux)

- Linux memory Cache Analysis (Linux)

  Intrusion prevention network server security maintenance tips
  Add Date : 2017-08-31      
  Based on windows server operating system to do as well as people's share in the Chinese market, the level of understanding of the operating system, I talk about some personal views on the personal network server security maintenance windows here.

Malicious network behavior of the network server includes two aspects: First, malicious attacks, such as denial of service attacks, network viruses, etc., these acts designed to consume server resources, affect the normal operation of the server, and even paralysis of the server where the network; in addition one is malicious intrusions, such behavior is sensitive information disclosure will lead to the server, the intruder can do whatever they want even more, wanton destruction of the server. Therefore, we must ensure the security of the network server can be said is to minimize both the affected web server behavior.

Based on windows server operating system to do as well as people's share in the Chinese market, the level of understanding of the operating system, I talk about some personal views on the personal network server security maintenance windows here.

How to avoid web server by malicious online attacks:

(A) build up your hardware security defense system

Choose a good security system model. A comprehensive security model should include the following essential components: firewalls, intrusion detection systems, routing systems.

Firewall security systems play a role in security, we can largely ensure that unauthorized access and data traffic from network attacks, such as denial of service attacks; intrusion detection system is playing the role of a monitor, monitor your server entrance very intelligently filter out those with access to the invasion and attack properties.

(Ii) selection of English Operating Systems

You know, windows, after all, what the United States Microsoft, and Microsoft has always been something to known for many Bug and Patch, the Chinese version of the Bug is far more than the English version, and the Chinese version of the patch has always been a night out than the English version that is, if your server is to upload the Chinese version of windows system, then Microsoft released vulnerabilities you need to wait some time to lay the patch, perhaps hackers, viruses can use this time to invade your system.

How to prevent being hacked web server:

First, as a hacker admirer, I would say, the world is no absolute security system. We can only try to avoid being invaded, the maximum extent to reduce casualties.

(A) using the NTFS file system format

As we all know, we usually use the file system is FAT or FAT32, NTFS is a Microsoft Windows NT family of operating system kernel support, a special for the network and disk quotas, file encryption and other security features designed to manage the disk format. NTFS file system, you can set access permissions individually for any one disk partition. Put your own sensitive information and service information in separate partitions. So even if a hacker get your service through some method of file where the disk partition access, you also need to find ways to break the system security settings to further access to sensitive information stored on another disk.

(Ii) to do system backup

As the saying goes, "be prepared for", although the system who do not want to suddenly be destroyed, but not afraid of ten thousand, afraid of the event, make server backup system, in case of destruction when you can recover in time.

(C) Close unnecessary services, and only the open ports

Close unnecessary open service, good local management and group management. There are many default Windows system service is in fact no need to open, or even dangerous, for example: the default shared remote registry access (Remote Registry Service), a lot of sensitive information is written in the system registry, such as pcanywhere encryption password.

Close unnecessary ports. Seemingly unnecessary ports, hackers can indeed to disclose sensitive information on many operating systems, such as windows 2000 server open the IIS services by default tell each other your operating system is windows 2000.69 port tell hacking your operating system will It may be linux or unix system, because 69 is under these operating systems to use the default port tftp service. Further access to the port, you can also return some information on the server version of its software, these invasion of hackers have provided great help. In addition, open ports more likely to be hacking into the server portal.

In short, do TCP / IP port filtering not only help prevent hacking, but also to prevent the virus also has some help.

(Iv) a software firewall, antivirus software

Although we already have a defense system hardware, but "guard" a few more is not a bad thing.

(V) to open your event log

Although the open log services, though said to prevent hackers and has no direct role, but the hacker through his record whereabouts, we can analyze the intruder in the system in the end we did what the hands and feet to our system, which in the end caused the damage and hidden hackers in the end to stay in our system, what kind of back door, our server in the end there is what security vulnerabilities and so on. If you are a master, you can also set the honeypot and wait for hackers to invade, invasion, when he caught him.
- OpenSUSE GPG Comments (Linux)
- Ubuntu users install the Download Manager software Xdman 5.0 (Linux)
- Nodejs complete installation instructions for Express (Linux)
- Configuring VMWare FreeBSD9.2 remote debugging kernel source code (Linux)
- Installation and configuration to compile MySQL 5.6.10 under CentOS 5.9 (Database)
- Linux boot process and run level (Linux)
- N1QL bring SQL-like query NoSQL database experience (Database)
- Fedora 22 Server how to upgrade to Fedora 23 Beta Server (Linux)
- The first deployment of cross-platform operation Rafy record (Server)
- Linux, ls command to achieve (Linux)
- Nginx + uWSGI + Django + Python Application Architecture Deployment (Server)
- Matters Oracle 11.2 single instance when connecting ASM need to pay attention and deal with the problem (Database)
- Android Studio simple setup (Linux)
- CentOS installation pycurl (Linux)
- Using IntelliJ IDEA Import Spark Spark latest source code and compile the source code (Linux)
- Get basic information about Linux server script (Server)
- How VMware extend disk without rebooting the system (Linux)
- Java is simple to read and write HDFS Demo (Programming)
- Linux System Getting Started Learning: rename multiple files in Linux (Linux)
- Linear table with a Java implementation of the iterator (Programming)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.