Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Intrusion prevention network server security maintenance tips     - Transfer MySQL database to MariaDB (Database)

- File compression and packaging commands under Linux (Linux)

- Configuring ftp server and nfs server under Linux (Server)

- Linux Network Programming --TCP and UDP datagram type Explanation (Programming)

- MongoDB query timeout exception SocketTimeoutException (Database)

- Detailed Linux su command to switch users Mistakes (Linux)

- Use SocketServer write a sockets program (Programming)

- Single-node Hadoop installation notes distributed pseudo & (Server)

- [SHELL] MySQL primary recovery solution from + Keepalived online (Server)

- Ubuntu 14.04 LTS to compile the source code Android4.4.2 (Linux)

- Web server security policy (Linux)

- Linux ACL permissions (Linux)

- How to contribute code to the GNU Project (Linux)

- Linux install deploy Ansible (Linux)

- How to make Linux a non-root user uses less than 1024 ports (Linux)

- Oracle table of nested loop connection (Database)

- Use OpenWrt build WDS wireless network extension on V2 WHR-G300N (Linux)

- Oracle 11g partition maintenance (Nice) - Truncating And Partitions (Database)

- Java Builder mode (Programming)

- C ++ pointer two third memory model (Programming)

 
         
  Intrusion prevention network server security maintenance tips
     
  Add Date : 2017-08-31      
         
         
         
  Based on windows server operating system to do as well as people's share in the Chinese market, the level of understanding of the operating system, I talk about some personal views on the personal network server security maintenance windows here.

Malicious network behavior of the network server includes two aspects: First, malicious attacks, such as denial of service attacks, network viruses, etc., these acts designed to consume server resources, affect the normal operation of the server, and even paralysis of the server where the network; in addition one is malicious intrusions, such behavior is sensitive information disclosure will lead to the server, the intruder can do whatever they want even more, wanton destruction of the server. Therefore, we must ensure the security of the network server can be said is to minimize both the affected web server behavior.

Based on windows server operating system to do as well as people's share in the Chinese market, the level of understanding of the operating system, I talk about some personal views on the personal network server security maintenance windows here.

How to avoid web server by malicious online attacks:

(A) build up your hardware security defense system

Choose a good security system model. A comprehensive security model should include the following essential components: firewalls, intrusion detection systems, routing systems.

Firewall security systems play a role in security, we can largely ensure that unauthorized access and data traffic from network attacks, such as denial of service attacks; intrusion detection system is playing the role of a monitor, monitor your server entrance very intelligently filter out those with access to the invasion and attack properties.

(Ii) selection of English Operating Systems

You know, windows, after all, what the United States Microsoft, and Microsoft has always been something to known for many Bug and Patch, the Chinese version of the Bug is far more than the English version, and the Chinese version of the patch has always been a night out than the English version that is, if your server is to upload the Chinese version of windows system, then Microsoft released vulnerabilities you need to wait some time to lay the patch, perhaps hackers, viruses can use this time to invade your system.

How to prevent being hacked web server:

First, as a hacker admirer, I would say, the world is no absolute security system. We can only try to avoid being invaded, the maximum extent to reduce casualties.

(A) using the NTFS file system format

As we all know, we usually use the file system is FAT or FAT32, NTFS is a Microsoft Windows NT family of operating system kernel support, a special for the network and disk quotas, file encryption and other security features designed to manage the disk format. NTFS file system, you can set access permissions individually for any one disk partition. Put your own sensitive information and service information in separate partitions. So even if a hacker get your service through some method of file where the disk partition access, you also need to find ways to break the system security settings to further access to sensitive information stored on another disk.

(Ii) to do system backup

As the saying goes, "be prepared for", although the system who do not want to suddenly be destroyed, but not afraid of ten thousand, afraid of the event, make server backup system, in case of destruction when you can recover in time.

(C) Close unnecessary services, and only the open ports

Close unnecessary open service, good local management and group management. There are many default Windows system service is in fact no need to open, or even dangerous, for example: the default shared remote registry access (Remote Registry Service), a lot of sensitive information is written in the system registry, such as pcanywhere encryption password.

Close unnecessary ports. Seemingly unnecessary ports, hackers can indeed to disclose sensitive information on many operating systems, such as windows 2000 server open the IIS services by default tell each other your operating system is windows 2000.69 port tell hacking your operating system will It may be linux or unix system, because 69 is under these operating systems to use the default port tftp service. Further access to the port, you can also return some information on the server version of its software, these invasion of hackers have provided great help. In addition, open ports more likely to be hacking into the server portal.

In short, do TCP / IP port filtering not only help prevent hacking, but also to prevent the virus also has some help.

(Iv) a software firewall, antivirus software

Although we already have a defense system hardware, but "guard" a few more is not a bad thing.

(V) to open your event log

Although the open log services, though said to prevent hackers and has no direct role, but the hacker through his record whereabouts, we can analyze the intruder in the system in the end we did what the hands and feet to our system, which in the end caused the damage and hidden hackers in the end to stay in our system, what kind of back door, our server in the end there is what security vulnerabilities and so on. If you are a master, you can also set the honeypot and wait for hackers to invade, invasion, when he caught him.
     
         
         
         
  More:      
 
- Some safety precautions of Linux servers (Linux)
- Dual system Linux (Ubuntu) into the Windows NTFS partition's mount error (Linux)
- VNC configuration detailed analysis under Linux (Linux)
- Linux raw socket (Programming)
- Linux basic articles of the boot process (Linux)
- Build a Linux development environment under STC89C52RC (Linux)
- DB2 manually create a library (Database)
- TCP protocol flaw incomplete records (Linux)
- Android Send HTTP POST requests (Programming)
- Quickly locate the mistakes by gdb location (Programming)
- Linux shell script debugging (Linux)
- Oracle table compression Technology Introduction (Database)
- Java proxy mode (Programming)
- Spring3 + SpringMVC + Hibernate4 full annotation environment configuration (Server)
- Top command: the Task Manager under linux (Linux)
- Ubuntu 10.10 install Oracle 10g Installation Guide (Database)
- See how --nand flash timing diagram of a read operation Comments (Programming)
- Linux systems use logwatch log file monitoring (Linux)
- Installation and Configuration OpenVPN server and client on Ubuntu 15.04 (Server)
- Linux / Unix desktops interesting: Christmas tree on the terminal (Linux)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.