This article is a summary of some of my experiences on the security of server network security. It is some basic common sense. It is suitable for entry-level server management personnel to read. I hope that I will not laugh in front of the experienced technicians. .
First, we can analyze that the malicious network behavior of the network server includes two aspects: one is malicious attack behavior, such as denial of service attack, network virus, etc. These actions are designed to consume server resources and affect the server. Normal operation, even the network of the server is located; the other is malicious intrusion behavior, this behavior will lead to the leakage of sensitive information of the server, the intruder can do whatever he wants, want to destroy the server. Therefore, we must ensure that the security of the network server is to minimize the impact of the network server on these two behaviors.
Based on the share of windows as the operating system server in the Chinese market and the understanding of the operating system of the Chinese people, I am here to talk about some personal opinions on the maintenance of windows network server security.
How to avoid web servers from malicious attacks on the Internet.
(1) Build your hardware security defense system
Choose a good security system model. A comprehensive security model should include the following necessary components: firewall, intrusion detection system, routing system, and so on.
The firewall plays a security role in the security system, which can largely guarantee illegal access from the network and data traffic attacks, such as denial of service attacks; the intrusion detection system plays the role of a monitor, monitoring you Server portals, very intelligently filter out those with intrusive and offensive nature.
(B) choose English operating system
To know, Windows is after all Microsoft's things, and Microsoft's things have always been known for Bug and Patch, the Chinese version of the Bug is far more than the English version The Chinese version of the patch has always been later than the English version, that is, if your server is loaded with the Chinese version of the windows system, after the Microsoft vulnerability is announced, you still need to wait a while to patch, maybe hackers The virus used this time to invade your system. How to prevent web servers from being hacked:
First of all, as a hacker admirer, I would like to say that there is no absolutely secure system in the world. We can only avoid being invaded as much as possible to minimize the number of casualties.
(1) Adopt NTFS file system format
As we all know, the file system we usually use is FAT or FAT32, NTFS is supported by the series of operating systems of Microsoft Windows NT kernel, one for network and disk quotas, A disk format designed for management security features such as file encryption. In the NTFS file system you can set individual access permissions for any disk partition. Put your own sensitive information and service information on separate disk partitions. In this way, even if the hacker gains access to the disk partition where your service file is located by some means, you need to find ways to break through the security settings of the system to further access sensitive information stored on other disks.
(B) do a good job of system backup
As the saying goes, "have preparedness", although no one wants the system to be suddenly destroyed, but not afraid of 10,000, just in case, make a backup of the server system, in case of It can also be restored in time when it is destroyed.
(3) Close unnecessary services, only open the port opened
Close those services that are not open, do local management and group management. Windows system has a lot of default services, it is not necessary to open, it can even be said to be dangerous, such as: the default shared remote registry access (Remote Registry Service), the system a lot of sensitive information is written in the registry, such as Encrypted passwords for pcanywhere.
Close those unnecessary ports. Some seemingly unnecessary ports can indeed disclose sensitive information of many operating systems to hackers. For example, the IIS service that Windows 2000 server opens by default tells the other party that your operating system is Windows 2000. The port 69 tells the hacker that your operating system is extremely It may be a linux or Unix system, because 69 is the port used by the default tftp service under these operating systems. Further access to the port can also return some information about the software and its version on the server, which is a great help for hackers. In addition, open ports are more likely to be the gateway for hackers to enter the server.
In short, doing a good job of TCP /IP port filtering will not only help prevent hackers, but also help prevent viruses.
(4) Software firewall, anti-virus software
Although we already have a hardware defense system, but a few "bodyguards" is not a bad thing.
(5) Open your event log
Although opening the log service does not directly affect the hacker's invasion, but by recording the hacker's whereabouts, we can analyze the intruder on our system. What kind of hands and feet have been done, what damages and hidden dangers have been caused to our system, what kind of backdoors hackers have left on our systems, and what security vulnerabilities exist in our servers. If you are a master, you can also set up a canister, wait for the hacker to invade, and catch him when he invades.
Recently, an enterprise database server has failed many times: the client PC runs
Recently, some netizens reported that when Windows XP comes with the “Remote Desk
Remote Desktop Terminal Services default port as “3389” To prevent malicious connections
Server DIY is popular among people for its high cost performance, low energy consu
How the Data Center Prevents Electrostatic Discharge
IIS reported that the script language VBScript.encode error solution was not found on the server
Ten should be away from the workload of the public cloud
Event Code: 3005 Event Message: A resolution of an unhandled exception occurred
The advantages and disadvantages of CDN acceleration and the difference between two-line server
The IIS server sets the individual user permissions for each site
What is the HBA card What is the role of the HBA card?
What is the external host channel? The
Application pool auto shutdown solution
Coup 123: How to squeeze out the "every drop of oil" of the server
Win8.1 built-in Microsoft Pinyin input method has added cloud candidate function
What should I do if I activate the error 0xc004c003 and 0xC004E016 after upgrading Windows 10?
Win10 Mobile Anniversary Update 14393.5 mobile phone screenshot leaked: model is Lumia532
Win7 system command prompt input instruction invalid problem solution
How to get back XP forgotten password
Windows 8 System Tips for Conserving Battery Power
Windows7 audio service is not running solution
Win8 replacement win7 system need to pay attention to what?