Tuesday, November 30, 2010

Making Linux more secure in enterprise management (2)

Hacker protection

If we want to protect system security against hackers, the first step is to do the prevention work ahead of time.

As a system administrator, you must make sure that the systems you manage have no security vulnerabilities, so that illegal users are given no opening. For advance prevention, I think the following points apply:

First, close all possible system back doors ahead of time, to prevent intruders from exploiting vulnerabilities in the system. For example, use "rpcinfo -p" to check whether the machine is running unnecessary remote services. Once found, stop them immediately, so as not to leave a back door for illegal users.
Second, verify that the system is running new versions of the Linux and Unix daemons, because old daemons allow other machines to run illegal commands remotely.
Third, regularly obtain security patches from the operating system manufacturer.
Fourth, install programs that strengthen the security of the system, such as shadow passwords, TCP wrappers, SSH, PGP, etc.
Fifth, build a network firewall to prevent network attacks.
Sixth, use vulnerability scanning tools to test whether hosts are vulnerable.
Seventh, subscribe to a number of security advisories and visit security sites often, to obtain timely security information and patch the system's software and hardware vulnerabilities.

Even with this preventive work done, the job is not finished. As network technology keeps developing, the level of hackers advances as well. New means of attack keep emerging and many unexpected things will happen, so in addition to prevention we must carry out daily security checks on the system. In particular, a system administrator should constantly watch for changes in the system, such as its processes, files, times, etc. Specifically, security checks on the system use the following methods:

1. Take full advantage of the check commands built into Linux and UNIX systems to test the system. For example, the following commands are very useful on Linux and UNIX systems:
- who: see who is logged in to the system;
- w: see who is logged on to the system and what they are doing;
- last: show the users who have logged on to the system and their TTYs;
- history: show the commands that were run on the system in the past;
- netstat: view the current network status;
- top: dynamic, real-time view of system processes;
- finger: view all logged-in users.

2. Periodically check the system logs, files, times and process information. For example:
- check the /var/log/messages log file to see the login status of external users;
- check the history file in each user's login directory /home/username (e.g. the .history file);
- check the .rhosts and .forward remote-login files in each user's directory /home/username;
- use the "find / -ctime -2 -ls" command to list the files changed within the last two days;
- use the "ls -lac" command to view when a file was really modified;
- use the "cmp file1 file2" command to compare files for changes;
- protect critical system commands, processes and configuration files, so that an intruder cannot replace them and obtain the access rights to modify the system.

Of course, to guarantee the absolute security of the system, apart from prevention and security checks you should also cultivate a good habit that safeguards system and network security: making a complete data backup on a regular schedule. With a complete data backup, the system can be restored quickly after an attack or a system failure.

Security against virus intrusion

Viruses for DOS and Windows 9X/Me/NT/2000/XP systems are now very common, but people almost never hear of a virus on a Linux or UNIX system, and some even think that viruses do not exist on Linux or UNIX. In fact, this is a big mistake: the world's first computer virus was a Unix one. If a virus spreads on a Linux system, the consequences will be disastrous. Many viruses are now written in standard C, so they can be adapted to any kind of Linux or UNIX operating system and can be cross-compiled for other platforms.
Although Windows NT/2000, Linux and UNIX are systems with very advanced protection mechanisms that can prevent most virus infections, they cannot prevent all of them. A Linux system is therefore not free from the danger of computer viruses. For example, the Morris, Ramen and Lion worms have all been used against Linux or Unix systems.

Most Linux networks consist mainly of one or more computers running the Linux operating system as a server, usually a Web server, FTP server or mail server. The workstations are currently mostly computers running Windows 9X/Me/NT/2000/XP. Virus protection for a Linux network is therefore mainly protection based on the individual workstation. You can install the Samba service on the Linux server and use virus scanning tools from a secure workstation to scan the server's disk files regularly, and so achieve anti-virus protection.

Computer viruses are one of the biggest headaches for computer manufacturers and governments. According to estimates there are thousands of computer viruses, and about three new computer viruses appear every day. Currently most computers use software to control viruses, but fewer than half use a virus firewall, which increases the chance of infection. These infections usually come from the intranet, which means that many computers in a company may already be infected. Under such difficult circumstances, only by keeping the computers healthy, with no anomalies occurring, can you ensure that information is not compromised. All in all, securing the system is very important to an enterprise and is imperative.
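
The periodic checks of the .rhosts and .forward files and of recently changed files, listed under method 2 above, can be scripted. The following is an added example, not part of the original post; the function names and finding labels are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: periodic checks of per-user remote-login files.
# The labels (RHOSTS_*, FORWARD_PIPE) are made up for this example.

# audit_homes ROOT: print one "LABEL path" line per finding under ROOT/<user>/.
audit_homes() {
    root=$1
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue
        rhosts="${dir}.rhosts"
        forward="${dir}.forward"
        if [ -f "$rhosts" ]; then
            echo "RHOSTS_PRESENT $rhosts"
            # A bare "+" in the host or user field trusts every host or user.
            if grep -Eq '^[[:space:]]*\+([[:space:]]|$)|[[:space:]]\+[[:space:]]*$' "$rhosts"; then
                echo "RHOSTS_WILDCARD $rhosts"
            fi
            # Group- or world-writable: another account could add trust entries.
            if [ -n "$(find "$rhosts" \( -perm -020 -o -perm -002 \) -print)" ]; then
                echo "RHOSTS_WRITABLE $rhosts"
            fi
        fi
        if [ -f "$forward" ]; then
            # A leading "|" (optionally quoted) pipes incoming mail to a program.
            if grep -Eq '^[[:space:]]*"?\|' "$forward"; then
                echo "FORWARD_PIPE $forward"
            fi
        fi
    done
}

# recent_changes ROOT: regular files whose status changed in the last two days.
# find counts whole 24-hour periods, so "-ctime -2" means fewer than two.
recent_changes() {
    find "$1" -type f -ctime -2 -print
}

# Run against a home root given on the command line, e.g. /home.
if [ "$#" -gt 0 ]; then
    audit_homes "$1"
    recent_changes "$1"
fi
```

Run it from cron as root against /home and compare each day's output with the previous day's, so that a new trust entry or mail pipe stands out.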
