【 Weak current College 】 hackers attacking with detailed solution (2)

Second, the firewall technology

Firewalls are used to protect internal networks from external network attacks and intrusions, to prevent computer-related crime, the intruders away network security technology. Firewall is the internal network and external network boundaries, it is able to closely monitoring a turnover boundary of packet information, be able to stop the invader, strictly limit the external network to access the internal network, you can effectively monitor the internal network to access the external network.

Third, the intrusion detection technology

Intrusion detection technology is the network security technology and information technology products. Use intrusion detection technology to real-time monitoring of certain areas of the network system, when the region was attacked, able to detect and respond immediately.

Intrusion detection with dynamic and static, dynamic detection, prevention, and audit to restore and static detection.

IV. security scan

Security scan is a computer system or other network device related security detection to find security vulnerabilities and may be exploited. From the role of the security scan, it is both a guarantee that your computer system and network security essential technical skill, and attackers attack system technology means that system administrators use security scanning technology can eliminate the vulnerability, the attacker's invasion, and the attacker is using security scan to search for intrusion system and networking opportunities.

Security scan is divided into two kinds of active and passive. Proactive security scan is a Web-based, mainly by simulating an attack records system reaction to discover network vulnerability scanning, this is called a network security scan, and passive security scan is a host-based, mainly by examining the system inappropriate settings, vulnerability, and others with the security rules that are incompatible with the object to identify system vulnerabilities, such as system security scan to scan.

Security scan detection technology involved mainly in the following four:

(1) the detection technology based applications. It uses a passive, non-destructive way to check the settings of the application package, found the security vulnerability.

(2) host-based detection technology. It uses a passive, non-destructive approach to systems for testing. Typically, it involves the system kernel, the attributes of a file, the operating system patches.

This technology also includes password decryption, put some simple password. Thus, this technique can be very accurate positioning system, discovery system vulnerabilities. The disadvantage is platform-dependent, and upgrade complex.

(3) based on the goals of vulnerability detection technology. It uses a passive, non-destructive way to check your system properties and file properties, such as databases, registration number, etc. Through the message digest algorithm, the number of encrypted files. This technology is running in a loop, constantly processing files, system goal, Department of

Marketing target properties, and then produce a test number, the test number and the original test number. Once you find change notify an administrator.

(4) based on the network detection technology, it takes a positive, non-destructive approach to the inspection system is likely to be attacked and crash. It utilizes a series of scripts that simulate an attack on the system, and then analyze the results. It is also against the known network vulnerabilities. Network detection technology is often used to conduct penetration testing and security audit. This technology can identify a range of platforms, is easy to install. However, it can affect network performance.

Security scanning technology is gradually to modular and expert system in one of two ways.

The modular aspect, the entire security scanning system consists of several plug-ins, each plug-in package one or more vulnerability scanning

Skills to master the scanning process by calling the plugin's skills to perform a scan task. System updates, simply add new plugins can add new scan. In addition, because the plug-in's standardization and normalization, makes security scanning system with strong flexibility, scalability and maintainability.

In expert systems, security scan to scan results are collated, the formation of the report, while specific vulnerability propose appropriate solutions. As security scanning technology, the hope security scanning system to be able to carry out an overall assessment of network conditions, and for the entire network security solutions. The future of the system, not just a vulnerability scanning tools, also should be a safety assessment experts.