Address: Level 26,Fortune Financial Center,No.5 Dongsanhuanzhong Rd,Chaoyang District,Beijing
Contact: Wang He
Research on computer network information security and Countermeasures
1 vulnerable network information security (1) the Internet itself has a lot of security flaws, these defects are caused by the network information security is the root cause of the vulnerability. Vulnerable Internet is reflected in the Internet design, implementation and maintenance of all aspects of. The Internet at the beginning of the design only for a higher credibility of users, therefore, the design stage and did not fully take into account the potential security threat; the implementation stage, between the Internet and computer system, there are many loopholes, the complexity of software and software error probability is proportional, due to a number of columns the software becomes more complex, the security vulnerabilities also showed an increasing trend, and become more and more complex; the main goal of maintaining security vulnerabilities generated during the safety is affected by the attack, due to the maintenance staff technical level restrictions, maintenance workload and other objective factors, the system’s own security mechanism has not been fully exploited, causing the network security is extremely fragile. (2) the Internet network is based on the TCP\/IP universal communication protocol, which is an open Internet network platform. The Internet is not affected by the restrictions of various computer platforms, platform can access the Internet through certain media network, if not by the addition of restriction policies, every corner of the world can access the Internet access. Security risks are also not affected by the platform, the geographical location of the restrictions, can be reached through the open Internet to any corner of the world. (3) it is very difficult to manage the Internet. The Internet network management more difficult, mainly because of the technology is frequently updated, rapid expansion of , network security management is a complicated work, need a lot of manpower, material resources and financial resources. Network security attack is not limited by national boundaries, but the network security management is affected by geography, political, national, cultural and other factors, transnational network security attacks, tracking investigation very difficult. (4) the common network security attack is also one of the main contents of network security vulnerability. With the development of Internet technology, network security becomes more and more simple measures of attack, attack have become more common, at the same time the harmfulness of security attacks is increasing, network security becomes very common. 2 network attacks the general steps (1) to hide their location. Network security attacker typically will own the IP address of the computer network to hide out, the police found it more difficult, no transfer service technology experienced an attacker can even through 800 telephone connections on ISP, in order to steal someone’s network account online. (2) search the target host and carry on the analysis to the target host. Safety analysis of the attacker first need to search the target host and carry on the target host, the IP address is the key to identification of the host, the domain name is the electronic azimuth mark IP address, the IP address and domain name can be convenient to locate the target host security attacks will target host analysis by scanning software. Such as access to the target host installed version of the operating system, system type, account information, FTP and SMTP version of the application information, prepare for the next step of invasion. (3) to steal user accounts and passwords, the successful invasion of the target host. Then the network security attacker will use all the technical measures to steal the target host user account name and password, no account and password attackers unable to login to the destination host, once access to the user account and password, the network attacker will at the appropriate time the invasion of the target host, in addition, attackers will often use loopholes in the system or high-end professional the tool successfully penetrated the target host. (4) to obtain the control right of the target host. Network attacker after the successful invasion of the target host, will use Telnet or FTP and other tools to get the control of the target host, and then the attacker will clear the invasion records and leave the backdoor program in the system. The attacker will change the key settings in the system, the implantation of certain remote control procedures, as well as Troy Trojan program for the next invasion to be fully prepared. 3 common network attack method (1) password invasion. Password invasion specifically refers to the network attacker using legitimate target host account number and password of the implementation of intrusion and intrusion after the success can be all kinds of attacks, the precondition of this kind of attack method is the attacker first to get the target host of the legitimate account, and can successfully decipher the user account password. (2) implanted Troy Trojan program. Troy Trojans everywhere, can be hidden in the attachment, download resources, web information medium, once the user through a way to get to the Troy Trojans, the program will automatically quietly execution, when the user in the networking process, the program will take the initiative to your IP address and preset the port number information to the attacker, the attacker after obtaining this information, then set parameters, through this program can freely modify the target host copy of all content files, into the hard disk, in order to achieve the purpose of controlling the target host. (3) WWW deception technology. WWW spoofing refers to the user access to the WEB network resource has been tampered with, the attacker WEB the above information is not true, if the attacker has the user to browse the WEB URL address will be redirected to the attacker’s server address, when the user requests the page access request is actually the attacker’s URL. In order to achieve the purpose of deceiving users. (4) EMAIL attack. EMAIL has become the most widely used communication tools, network attacker can by CGI program or EMAIL program to send bombs attacked e-mail spam, the target mailbox full collapse. EMAIL attack has the advantages of quick, easy to operate and so on. 4 common network attacks to deal with measures (1) to improve their security awareness. Don’t turn on the people who are not familiar with the procedures for transfer to you, why not clear junk files or EMAIL to ignore or delete, when downloading games or some software to go to the website of professional, for unknown procedures do not download, for their own account need to set more complex passwords, such as Chinese and English, special characters, digital mixed use, the system loopholes to timely patch, no special need not to open the hacker program. (2) the use of professional anti hacker, anti attack, such as firewall software. The firewall is one of the most important hardware in the network topology, but also to ensure the network security barrier, therefore, to build the network communication monitoring system in the network topology on the intranet and extranet can be effectively isolated, external network security attacks shut out. (3) using proxy server, hide their host IP address. IP address is the unique identifier of the access network, and the IP address is a fatal injury. In fact, if the IP address of the host is not an attacker, even if the host implanted virus, can not invade their hosts, the proxy server is the best method to protect the IP address, when the proxy server requests a service network outside the network will be the first to receive the application, then, according to the type of service request is outside the service object, service content, service scope, the applicant’s domain name for the time to determine whether the service can accept , only when the proxy server receives the request to the network to receive network. (4) the daily work is frequently hacking, antivirus. Host to install a good performance of anti-virus software, virus database to be updated frequently, anti-virus components to be updated regularly, to develop the boot will open the habit of anti-virus software. (5) prevent trouble before it happens to be vigilant. Hackers usually choose a specific date or event to attack, the user should be vigilant in this period of time, the time to prevent the host hacker attacks. (6) data backup. For very important accounts, passwords, and personal information to carry out strict protection measures, and to develop a good habit of backing up important information. 5 Summary of network information security is a national security and sovereignty, social stability, national cultural heritage and carry forward the important issues. Its importance is becoming more and more important with the acceleration of global information. Network information security is a comprehensive discipline involving computer science, network technology, communication technology, cryptography, information security technology, applied mathematics, number theory, information theory and other disciplines. The ultimate goal of network security is the network system hardware, system software and data protected. The reason is not due to accidental or malicious destruction of change, leakage, make the system reliable normal operation, the network service is not interrupted.