Thursday, March 3, 2011

【 Weak current college 】 How system administrators can prevent hacker attacks



Administrators should first do the following:
1. Fully back up important data and information, and keep the backup storage device itself off the Internet; this is the best means of recovery after a site or system has been maliciously attacked.
2. For especially important sites, keep a network administrator on duty 24 hours a day and use technical means to check the system logs continuously, as well as dynamic IP changes.
3. When the site is unattended, shut down all Internet-connected computer terminals used by staff. The vast majority of hacker attacks begin with intrusion into a weakly defended computer terminal, from which the attacker finds the weaknesses of the site or system, obtains an administrator or user password, captures the super-user privileges used to manage the site, and then goes on to attack other machines within the site's systems.
4. Check all user passwords, especially the super administrator's. Passwords for privileged accounts should contain numbers, lowercase letters, symbols, etc. at the same time, because such a combination is very difficult to crack, and the password length must not be less than 8 characters. Also download system patches regularly from a secure source to close the system's vulnerabilities as far as possible.
The following is an extract from the material, for reference:
I. Several forms of attack on sites
To resist hackers successfully, we must first learn something about hackers and their detailed circumstances from the Internet, newspapers and magazines, and related technical material. A report based on a network security survey says: about 20% of the organizations on the Internet have been intruded upon by hackers; approximately 40% of organizations have not installed a firewall; and no less than 30% of hacker intrusion incidents involve a firewall that was not installed correctly. In general, the forms commonly used to attack sites are:
◆ Data Diddling: unauthorized deletion of files or modification of data (15.5%)
◆ Scanner: using tools to find hidden vulnerabilities (15.8%)
◆ Sniffer: listening in on encrypted packets (11.2%)
◆ Denial of Service: making the system crash (16.2%)
◆ IP Spoofing: posing as the IP address of a system inside the network (12.4%)
◆ Other: other (13.9%)
Why is it so easy for hackers to get into a system? Why are systems with a firewall installed still hacked? The main reasons are:
◆ The system itself has many (hidden) vulnerabilities;
◆ In the past, hackers mostly worked alone, but the popularity of the Internet has made it more convenient for hackers to contact one another, so intrusions now often take the form of "gang robbery". In the United States there is a hacker organization known as "Holocaust 2600" (Genocide2600), which now has 150 000 members; in the United States they are rooted in the Northwest and Alaska region and are extending to the East Coast region. They come from all walks of life and range in age from 14 to 52;
◆ There are many ready-made hacking tools on the Internet, for example "Rootkit", "Satan" and so on, and these programs have become easy-to-use tools for hackers;
◆ Firewalls are installed incorrectly.
II. Methods of guarding against hacking
1. Choose a secure password
Based on how a dozen or so hacker programs work, and ranked by the time needed to crack the password, the following are commonly used forms of dangerous password: the user name (account name) used as the password; a variation of the user name (account name) used as the password; a birthday used as the password; a common English word used as the password; a password of 5 characters or fewer.
Therefore, passwords should be set according to the following principles:
◆ The password should include uppercase and lowercase letters, and preferably control characters as well;
◆ The password should not be too common;
◆ Keep the password secret and change it often. The worst password is one with obvious characteristics; do not cycle through old passwords;
◆ Change all passwords at least once every 90 days, and change passwords that carry high security privileges more frequently;
◆ Remove all defaults from the system; if the server comes from a service company, look out for entries such as GUEST, MANAGER and SERVICE and their passwords, and change those passwords immediately;
◆ If two incorrect passwords are received, the system should drop the connection;
◆ Promptly cancel the accounts of employees who have left or stopped working, along with unused accounts;
◆ During authentication, the password must not be transmitted in clear text;
◆ The password must not be stored in clear text in the system; make sure that it is written to the hard disk in encrypted form and that the file containing passwords is read-only;
◆ A clear-text password entered by the user should stay in memory for as short a time as possible and be destroyed promptly after use;
◆ Authentication takes place only at logon (login), and its lifetime is equal to the length of the session;
◆ Apart from the user entering the password to log on, the other authentication processes on the network are transparent to the user.
We place such emphasis on password configuration because site security survey results show that more than 80% of security violations are the result of people using bad passwords; from this we can infer that 80% of intrusions can be blocked by choosing a good password.
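The dangerous password forms listed in this section can be checked mechanically whenever a password is set or changed. The following Python code is an added example, not part of the original article; the word list, the substitution table and the function names are assumptions chosen for illustration.

```python
import re
from datetime import datetime

# Constructed sample word list; a real audit would load a dictionary file.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "sunshine"}
# Character substitutions often used to disguise a name or a word.
LEET = str.maketrans("01345@$7", "oieasast")
DATE_FORMATS = {8: ("%Y%m%d", "%d%m%Y", "%m%d%Y"), 6: ("%y%m%d", "%d%m%y", "%m%d%y")}

def variants(text):
    """Lowercased forms of text with padding and substitutions undone."""
    low = text.lower()
    core = low.strip("0123456789!@#$%^&*._-")  # drop leading/trailing padding
    forms = {low, core, low.translate(LEET), core.translate(LEET)}
    return forms | {form[::-1] for form in forms}  # reversed spellings too

def looks_like_birthday(password):
    """True if the password is a calendar date written as 6 or 8 digits."""
    digits = re.sub(r"[-/.]", "", password)
    if not digits.isdigit():
        return False
    for fmt in DATE_FORMATS.get(len(digits), ()):
        try:
            datetime.strptime(digits, fmt)
            return True
        except ValueError:
            pass
    return False

def audit(username, password):
    """Return the weaknesses found; an empty list means no check fired."""
    findings = []
    forms = variants(password)
    user = username.lower()
    if password.lower() == user:
        findings.append("user name as password")
    elif user in forms:
        findings.append("variation of user name")
    if looks_like_birthday(password):
        findings.append("birthday")
    if forms & COMMON_WORDS:
        findings.append("common English word")
    if len(password) <= 5:
        findings.append("5 characters or fewer")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        findings.append("no mix of uppercase and lowercase")
    return findings
```

Running `audit` over every account when passwords are changed also catches default entries such as GUEST whose password equals the account name.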
2. Implement access control
Access control specifies which subjects have which powers to perform which operations. Access control is a key aspect of internal network security theory; it includes staff permissions, data identification, permission control, control types, risk and so on.
3. Ensure the integrity of data
Integrity is the means of proving, during data processing, that the original data and the current data are identical. It is generally guaranteed with digital signatures and data encryption.
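One way to obtain such a proof, as an added example that is not part of the original article: record a SHA-256 digest of each item and seal the record with a keyed HMAC, which stands in here for the digital signature the text mentions because it needs only the Python standard library. The function names are assumptions, and the key must be stored apart from the data it protects.

```python
import hashlib
import hmac
import json

def _digests(files):
    """SHA-256 digest of each item; files maps a name to its bytes."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}

def _seal(digests, key):
    """HMAC-SHA256 over a canonical encoding of the digest record."""
    body = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def build_manifest(files, key):
    """Record the known-good state of the data and seal it with the key."""
    digests = _digests(files)
    return {"digests": digests, "tag": _seal(digests, key)}

def verify(files, manifest, key):
    """Compare current data with the sealed record.

    Raises ValueError if the record itself no longer matches its tag.
    """
    if not hmac.compare_digest(_seal(manifest["digests"], key), manifest["tag"]):
        raise ValueError("manifest tag mismatch: the record itself was altered")
    old, current = manifest["digests"], _digests(files)
    return {
        "modified": sorted(n for n in old if n in current and current[n] != old[n]),
        "deleted": sorted(n for n in old if n not in current),
        "added": sorted(n for n in current if n not in old),
    }
```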
4. Ensure data security
Encrypt data during processing with an encryption algorithm, and use digital signatures and authentication to ensure data security.
5. Use a secure server system
There are now many server systems to choose from: UNIX, Windows NT, Novell, Intranet, and so on, but for key servers it is best to use a UNIX system.
6. Be careful about opening applications and ports that lack security guarantees
7. Analyze system logs regularly
Analysis tools of this type are now ubiquitous on UNIX. NT Server users can use Kane Security Analyst (KSA) from the company Intrusion Detection to perform this work. For more details, see the site at http://www.intmsion.com.
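The kind of check such log analysis performs, as an added example that is not part of the original article: count failed logins per source address and report any login accepted from an address that had just failed repeatedly. The log lines are constructed in the OpenSSH syslog style, and the function name and the threshold of 3 are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the OpenSSH syslog style; not from a real host.
SAMPLE_LOG = """\
Mar  3 02:14:01 web1 sshd[811]: Failed password for invalid user guest from 203.0.113.7 port 40112 ssh2
Mar  3 02:14:03 web1 sshd[811]: Failed password for invalid user manager from 203.0.113.7 port 40112 ssh2
Mar  3 02:14:06 web1 sshd[814]: Failed password for service from 203.0.113.7 port 40120 ssh2
Mar  3 02:14:09 web1 sshd[816]: Accepted password for service from 203.0.113.7 port 40131 ssh2
Mar  3 08:30:12 web1 sshd[902]: Failed password for alice from 198.51.100.20 port 51544 ssh2
Mar  3 08:30:20 web1 sshd[902]: Accepted password for alice from 198.51.100.20 port 51544 ssh2
""".splitlines()

EVENT = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+)"
)

def analyse(lines, threshold=3):
    """Return (sources at or over the failure threshold, logins that followed them)."""
    failures = Counter()   # failed attempts per source address
    targeted = {}          # account names tried per source address
    followed = []          # (source, account) accepted after repeated failures
    for line in lines:
        match = EVENT.search(line)
        if not match:
            continue       # unrelated log line
        outcome, user, source = match.groups()
        if outcome == "Failed":
            failures[source] += 1
            targeted.setdefault(source, set()).add(user)
        elif failures[source] >= threshold:
            followed.append((source, user))
    noisy = {s: sorted(targeted[s]) for s, n in failures.items() if n >= threshold}
    return noisy, followed
```

An entry in the second result deserves attention first: it is the pattern a successful password guess leaves behind, while a single mistyped password followed by a login stays below the threshold.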
8. Keep improving the security of the server system
Many vulnerabilities have been found in many server systems, and service providers publish system patches online. To guarantee the security of the system, pay attention to this information and patch your own systems in good time.
9. Eliminate human factors
Even the most complete security system will have its security compromised if it is not regularly maintained by staff with sufficient security awareness and skills.


