LAN Security Service

For internal network security management, we must first monitor and discover various security incidents and risks in the internal network. Risks can only be controlled when they are known. Various monitoring methods and methods must be used to control various types of security that commonly exist in the internal network. Risks such as border security, website security, sensitive information security, mobile storage media security, basic security, operational security, violations, etc. shall be discovered at the first time, and combined with corresponding protective measures, they shall be dealt with in a timely manner to reduce the harm caused by risks. To the lowest.

Secondly, the internal network security management must be combined with the actual situation of the unit, mobilize the enthusiasm of all parties, attract the attention of the leaders, clarify the responsibilities of the tripartite, and organically integrate it with the management system and norms, and establish a routine and normalized management mechanism. platform. Intranet security management is not only the accumulation of technical means, but also not just the responsibility of security administrators. Intranet security management is a systematic project that requires a multi-pronged approach through human, technology, and management.

※Safety precautions of operating system

Many technologies, from end-user programs to server application services, and network security, all run on the operating system. Therefore, ensuring the security of the operating system is the foundation of the entire security system. In addition to increasing security patches, it is also necessary to establish a monitoring system for the system, and establish and implement effective user passwords and access control systems.

※Important data backup plan

In the intranet system, data is becoming more and more important to users. In fact, the factors that cause computer data to be lost or damaged or tampered have far exceeded the known virus or malicious attack. Unexpected power outages and other more targeted disasters can cause more losses to users than direct virus and hacker attacks.

In order to maintain the security of the corporate intranet, important data must be backed up to prevent the system from crashing due to various software and hardware failures, virus attacks, and hacker damage, and consequently incurring major losses.

For data protection, it is indispensable to choose backup software with complete functions and flexible use; there are more backup software in the application nowadays, and with various disaster recovery software, data security can be more comprehensively protected.

※Use proxy gateway

The advantage of using a proxy gateway is that the exchange of network data packets will not be carried out directly between the internal and external networks. The internal computer must pass through the proxy gateway to access the Internet, so that the operator can conveniently restrict access to the external network by the internal computer on the proxy server.

Using different protocol standards at both ends of the proxy server can also prevent illegal access from outsiders. In addition, the gateway of the proxy service can verify the data packet and confirm the security control such as password.

※ Reasonable configuration of firewall

The choice of firewall should be appropriate. For micro and small enterprise networks, you can choose a personal firewall suitable for micro and small enterprises from products such as Norton Internet Security, PCcillin, and Skynet personal firewall.

For companies with internal networks, you can choose to set up on the router or buy more powerful firewall products. For almost all router products, some of the attacks can be prevented through the built-in firewall, and the application of the hardware firewall can further strengthen the security.

※Information confidentiality prevention

In order to ensure the security of the network, the security measures provided by the network operating system can also be used. Take Windows as an example, log in with user name, set login password, set directory and file access permissions and password to control what kind of directories and files the user can only operate, or set user-level access control, and access the Internet through the host, etc. .

At the same time, the confidentiality protection of database information can be strengthened. There are two forms of data organization in the network: files and databases. Due to the lack of sharing of data in the form of file organization, databases have now become the main form of network storage of data. Since the operating system does not have special security measures for the database, and the data of the database is stored in it in a readable form, corresponding methods should be adopted to keep the database confidential. E-mail is the main way for companies to transmit information, and the transmission of e-mail should be encrypted. Corresponding confidentiality measures can also be taken against the leakage channels of computers and their external equipment and network components, such as electromagnetic leakage, illegal terminals, wire theft, and the residual magnetic effect of the medium.

※Prevention and immunity from general attacks

A large part of the security threats to computer network systems comes from denial of service (DoS) attacks and computer virus attacks. In order to protect network security, it can also be carried out from these aspects

An effective way to deal with "Denial of Service" attacks is to allow only network traffic related to the entire Web site to enter, and this type of hacker attack can be prevented. In particular, ICMP packets, including ping commands, should be blocked.

By installing an illegal intrusion detection system, the performance of the firewall can be improved to monitor the network, perform immediate interception actions, and analyze and filter packets and contents. When a stealer invades, the service can be effectively terminated immediately, so as to effectively prevent the company’s confidential information from being compromised. steal. At the same time, illegal users' access to the network should be restricted, and the access authority of workstations with IP addresses to local network devices should be specified to prevent illegal modification of the network device configuration from the outside.

※Computer virus prevention

From the perspective of the development trend of viruses, viruses have changed from single transmission and single behavior to Internet-dependent transmission, which integrates multiple transmission methods such as e-mail and file transmission, and combines multiple attack methods such as hackers and Trojan horses into one. New virus". Computer viruses show more of the following characteristics: they are more closely integrated with the Internet and Intranet, and spread by all available methods (such as mail, local area network, remote management, instant messaging tools, etc.); all viruses are of mixed type Features, integrating the characteristics of file infection, worms, Trojan horses, and hacker programs, greatly enhanced destructiveness; because of its extremely fast spread, it no longer pursues concealment, but pays more attention to deception; using system vulnerabilities will become a powerful way for viruses to spread .

Therefore, when choosing anti-virus products on the intranet, you need to consider the following points: anti-virus methods need to be fully integrated with the Internet, not only traditional manual scanning and file monitoring, but also real-time network layer and mail client Monitor to prevent virus intrusion; products should have complete online upgrade services to enable users to have the latest anti-virus capabilities at any time; provide key protection for applications that are frequently attacked by viruses; product manufacturers should have a fast-response virus detection network to prevent virus outbreaks The solution can be provided at the first time; the manufacturer can provide complete and instant anti-virus consultation to improve users' anti-virus awareness and alertness, and let users understand the characteristics and solutions of the new virus as soon as possible.

※Intranet password key management

In reality, when an intruder attacks an intranet target, 90% of them will decipher the password of an ordinary user as the first step. Take the Unix system or Linux system as an example, first use "finger remote hostname" to find out the user account on the host, and then use the dictionary exhaustive method to attack. This deciphering process is completed by the program. It takes about ten hours to complete all the words in the dictionary. If this method does not work, the intruder will carefully look for the weak links and loopholes of the target, and wait for an opportunity to seize the file shadow or passwd that stores the password in the target. Then use a special program to crack the DES encryption algorithm to parse the password. In the internal network, the system administrator must pay attention to the management of all passwords, such as the length of the password as long as possible; do not choose obvious information as the password; do not use the same password on different systems; It is better to have uppercase and lowercase letters, characters, and numbers in the password; change your password regularly; use a password cracking program to check whether the shadow file is safe or not. Irregular passwords have better security.