
Five tips to strengthen server security maintenance

Server maintenance is very important: the slightest mistake can paralyze the network. Networks today are frequently subjected to malicious attacks, which makes site maintenance troublesome.

Malicious network activity basically falls into two categories: first, malicious attacks, and second, malicious intrusions. If you do not prevent and counter them, the server will be destroyed. To protect a network server, therefore, you should try to shield it from the impact of both. Taking the Windows 2003 server operating system as an example, here are some security maintenance tips for web servers.

1. Switch roles
Using a honeypot, a trap system stocked with fake documents and data, may lead hackers either to continue the attack or to abandon it, and embarrassment may prompt further revenge; in general, a honeypot confuses and warns off hackers, and the fake documents make it easy for them to get burned.
Most of the time, if we think only from the position of network maintenance staff, it can be difficult to find a web server's vulnerabilities. If instead the maintenance staff look from another angle and see themselves as potential attackers, speculating about what means an attacker might use and which web server vulnerabilities they might target, they may be able to find security vulnerabilities that exist on the site's servers. So the first step is to fix those vulnerabilities and avoid the trouble a trojan or virus attack could cause.

Access your own website server from outside the network, perform complete testing, and simulate an attacker targeting your own site to see what happens. This is undoubtedly a good way to test site security. Acting as the attacker, scan the web server with an appropriate scanning tool. Things you do not normally notice in day-to-day work show up when you scan with the tools hackers use, and you will find which services may be invoked or which vulnerabilities exist.


2. Reasonable permission maintenance
Sometimes a server runs not only the website application but also network services such as an FTP server and a streaming media server. Running a variety of network services on the same server is likely to cause cross-contamination between services. That is, once an attacker compromises one service, they can use related techniques to capture the others. Having broken just one of these services, the attacker can use it as a platform to attack the other services from the inside, and generally speaking an attack from the inside is much easier to carry out than one from the outside.

From a cost point of view, we usually run three services simultaneously on a single server: first the traditional website service, second the FTP service, and third the streaming service. Because these services use MMS mode, the streaming media server can also be accessed directly from the Internet, so we deploy them on the same server. And because the server chosen has a fairly high configuration, running the three services is no problem and performance is not affected.

But this presents the site's defenders with a problem: when two or more services are deployed on the same server, how do you keep them safe and prevent one from infecting another?
In daily work, the file system we usually use is FAT or FAT32. NTFS is a disk format supported by the kernel of the Microsoft Windows NT family of operating systems, designed specifically with network and disk quotas, file encryption and other security management features. With NTFS, access permissions can be set individually for any disk partition, so sensitive information and service information can be placed on separate partitions. Thus, even if a hacker by some method gains access to the disk partition where a service's files are stored, they still need to find a way to break the system's security settings before they can reach sensitive information stored on another partition.

3. Script security maintenance
In practice, many of the attacks that paralyze web servers are caused by poorly written scripts. Attackers especially like to target CGI programs or PHP scripts. Typically, a site requires some necessary parameters to be passed for proper access. These parameters can be divided into two categories: those that are trusted and those that are not to be trusted.

For example, an organization that maintains its own server rather than using hosting will place the server inside the organization's firewall to enhance the security of the web server. So, in general, parameters from inside the firewall are reliable and trustworthy, and parameters from outside are basically untrustworthy.

However, this is not to say that untrusted parameters, or parameters from outside the firewall, are never accepted by the web server. Rather, when designing the site server you need to take extra care: when untrusted parameters are used they must be tested to see whether they are legitimate, and must not be accepted as they arrive, mistaken for parameters from the internal web site. Otherwise the web server's security is put at risk. For example, an attacker who uses TELNET to connect to port 80 can pass unsafe parameters to a CGI script.

So when writing CGI programs or PHP scripts, website maintenance personnel need to take special care not to accept unfamiliar parameters casually. Before accepting a parameter, first check who is providing it, or whether the parameter itself is legitimate. When writing the program or script, you can add some precondition checks. When the server judges that a supplied parameter is not valid, it notifies the maintenance staff. This also helps the maintenance staff find the attacker as early as possible and take appropriate defensive measures promptly.
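
The precondition check described above can be sketched as follows. This is an added example, not code from the original article; `ALLOWED_PARAMS`, `check_params` and the `param_alert` logger are hypothetical names, and the sample query strings are constructed. Every parameter is checked against an allowlist wherever the request appears to come from, and each rejection is logged so that maintenance staff can be notified.

```python
import logging
import re
from urllib.parse import parse_qs

# Hypothetical allowlist: parameter name -> pattern its value must fully match.
ALLOWED_PARAMS = {
    "page": re.compile(r"[a-z0-9_-]{1,32}"),
    "id": re.compile(r"[0-9]{1,9}"),
    "lang": re.compile(r"(en|zh)"),
}

# Hypothetical logger; attach whatever handler notifies the maintenance staff.
alert_log = logging.getLogger("param_alert")


def check_params(query_string, remote_addr):
    """Return (clean_params, rejections) for a CGI-style query string.

    The same checks apply whether the request seems to come from inside or
    outside the firewall; remote_addr is only recorded in the alert.
    """
    clean, rejections = {}, []
    for name, values in parse_qs(query_string, keep_blank_values=True).items():
        pattern = ALLOWED_PARAMS.get(name)
        if pattern is None:
            rejections.append((name, "unknown parameter"))
        elif len(values) != 1:
            rejections.append((name, "repeated parameter"))
        elif not pattern.fullmatch(values[0]):
            rejections.append((name, "value fails format check"))
        else:
            clean[name] = values[0]
    for name, reason in rejections:
        # %r escapes control characters so a hostile name cannot forge log lines
        alert_log.warning("rejected %r from %s: %s", name, remote_addr, reason)
    return clean, rejections


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    # Constructed sample requests: one well-formed, one not.
    for qs in ("page=news&id=42", "page=../admin&id=42&debug=1"):
        ok, bad = check_params(qs, "10.0.0.5")
        print(qs, "->", ok, bad)
```

A caller would normally refuse the whole request when `rejections` is non-empty rather than proceed with the remaining parameters.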

4. Good backup system
As the saying goes, be prepared. Although nobody wants the site's system to be destroyed suddenly, being ready is still necessary. Back up the server system in a timely manner so that it can be restored promptly if it is damaged.

Install a software firewall and antivirus software
Although the website already has a hardware defense system, more security is better. Firewalls and antivirus software have been discussed a great deal in the industry, so the details are not repeated here.

5. Turn on the event log
Although turning on the logging service has no direct effect in preventing hackers, it records their movements. Maintenance staff can analyze what the intruder did to the system, what back doors were left in it, what damage and risks were caused, and what security holes the server actually has, so that they can carry out targeted server maintenance.