Address: Level 26,Fortune Financial Center,No.5 Dongsanhuanzhong Rd,Chaoyang District,Beijing
Contact: Wang He
Five tips to strengthen server security maintenance
The computer system server maintenance work is very important, the slightest mistake will make the network paralyzed. Currently, the network often malicious network attacks, which gives the site maintenance trouble.
Malicious network attacks basically comprises two categories: First, malicious attacks, and second, malicious intrusions. If you do not prevent and counter these attacks, the server will be destroyed. Therefore, to protect the security of the network server should try to make the network server from the impact of these two acts. Now Windows2003 server operating system as an example, some of the web server security maintenance skills.
1. switch roles
Access from outside the network's own website server, perform complete testing and simulation attackers own characteristics, to see what happens. This site security is undoubtedly a good detection method. Themselves act as an attacker, using the appropriate scan tool for scanning web server properly, some of which may not pay attention to the daily information when using tools used by hackers to scan, you will find there is a service which may be called or vulnerability.
2. rational authority maintenance
We usually from a cost point of view, it will run three services simultaneously on a single server: one is the traditional site service, and second, FTP services, the third is streaming service. Because these services are mms mode, the Internet can also access streaming media server directly, so we deployed on the same server. But also because the choice of server configuration is higher, so the three services run no problem, the performance is not affected.
But it gave the site defenders presented a problem: two or even two or more services are deployed on the same server, how to ensure safety and prevent another infection it?
3. security maintenance script
For example, a unit of their own maintenance server, rather than hosting, they will be placed inside the unit firewall server, to enhance the security of the Web server. So, in general, from inside the firewall parameters it is reliable, trustworthy, and parameters from the outside is basically untrustworthy.
However, this is not to say that trusted parameter or parameters from the web server outside the firewall is not adopted, but that, at the time of the site server design, the need for extra care, the use of these parameters can not be trusted when you need to perform testing, to see whether legitimate, but not according to income is not mistaken as to the parameters from the internal Web site. This will secure Web server brings risks, for example, when an attacker use TELNET to connect to port 80, can be transmitted to the CGL parameters unsafe script.
So when in CGI programming or PHP script editor, website maintenance personnel need special care, not allowed to casually accept the strange argument. But before accepting arguments, we must first examine who provide parameters or parameters of their own legitimacy. When the program or scripting, you can add some pre-judgment condition. When the server parameters considered to provide inaccurate time, notify maintenance staff. It can also help maintain the member as soon as possible find the attacker and promptly take appropriate defensive measures.
4. good backup system
Install a software firewall, antivirus software
5. open the event log