How do system administrators prevent hackers?

We have received reliable news from abroad that American hackers, in retaliation for Chinese hacker attacks on many websites in the United States, are planning to focus their attacks on our government and news sites, such as the websites of central and local newspapers and magazines, sites with national influence (such as www.netese.net, www.163.net, www.netese.net, www.sina.com.cn, etc.) and some personal sites. The attacks will continue for quite a long time, and the number of sites expected to be attacked is hard to imagine. American hackers are ruthless: when they attack a website they do not stop at the contents of the web pages but also completely destroy the important system data of the compromised site. This is a real threat, especially for systems that are connected to the Internet and hold sensitive information requiring high-level permissions.
Given the current situation, our administrators should first do the following:

1. Back up important data and files, and keep the storage devices used for the backup separate rather than connected to the Internet. This is the best means of recovery after a website or system has been maliciously attacked.
2. Particularly important websites should have a network administrator on duty 24 hours a day, and should take technical measures to go through the system logs, and changes in dynamic IP addresses, on a recurring basis.
3. When no one is working on the website, shut down all the computer terminals that staff use on the network, because most hackers break in through these weakly protected terminals. From these weak points in the website or system they go on to obtain administrator or user passwords and seize the super-user privileges that manage the website, and from there take over other machines in the website's system.
4. Check all user passwords, especially the administrators' super-user passwords. Make passwords contain digits, uppercase letters, symbols, etc., because the more varied the combination, the harder the password is to crack, and make passwords no shorter than 8 characters. In addition, download system patches from the relevant security sites to fix the system's vulnerabilities.

The following is an excerpt of the relevant information for reference:

1. Several ways websites are attacked

To resist hackers successfully, we must learn about hackers in some detail from the Internet, newspapers and magazines, and related technical material. A network security survey report said that approximately 20% of organizations have been broken into by hackers; about 40% of organizations have no firewall; and no less than 30% of hacker intrusions occurred in cases where the firewall was not correctly installed.
In general, hackers break into websites in the following ways:

● Data Diddling: unauthorized deletion of files or changes to their information (15.5%)
● Scanner: using tools to find backdoor vulnerabilities (15.8%)
● Sniffer: listening in on encrypted packets (11.2%)
● Denial of Service: making the system unable to provide service (16.2%)
● IP spoofing: posing as an IP address of a network within the system (12.4%)
● Other: others (13.9%)

Why is it so easy for hackers to get into a system? Why do they still get into systems where defenses are installed? The most important reasons are:

● The systems themselves contain many vulnerabilities (backdoors).
● In the past hackers mostly worked alone, but with the spread of the Internet, contact between hackers has become easier and they now often operate as a gang. It is said that a hacker organization in the United States called "Genocide 2600" now has more than 1.5 million members. It took root in the northwest of the United States and has begun to expand to the East Coast. Its members come from all walks of life and range in age from 14 to 52.
● Many ready-made hacker tools are available on the Internet, such as "rootkit", "Satan", etc. These programs serve hackers as tools and are convenient to use.

Based on how several pieces of hacking software work, and ranking passwords by how difficult they are to crack and how much time cracking takes, the common kinds of dangerous password are: the user name (account name) used as the password; a variation of the user name (account name) used as the password; a birthday used as the password; a common English word used as the password; a password of 5 characters or fewer. Therefore, we should follow these principles when setting passwords:

● Passwords should include uppercase letters; control characters are better still;
● Passwords should not be too regular;
● Passwords should be kept secret and changed often.
● The worst password is one with obvious characteristics. Do not reuse old passwords in rotation;
● Change all passwords at least once every 90 days; passwords with high security privileges should be changed frequently;
● All default passwords should be removed from the system. When a server is set up, take care to identify passwords such as guest, manager, service and so on, and change them immediately;
● If a wrong password is entered twice, the connection to the system should be dropped;
● Accounts of employees who have left their job, and unused accounts, should be cancelled;
● During authentication, the password must not be transmitted in cleartext;
● Passwords must not be stored in the system in cleartext; make sure that anything written to the hard disk that contains the password is in encrypted form;
● The time a cleartext password entered by the user stays in memory should be as short as possible, and it should be destroyed after use;
● An authentication is valid only for the current login, and its lifetime is the same as that login's;
● Apart from the user entering a password to log in, all other authentication steps on the network should be transparent to the user.

We place so much emphasis on password settings because website security surveys show that more than 80% of security violations are caused by people choosing poor passwords. From this we can infer that 80% of intrusions can be blocked by choosing good passwords.

2. Implement access control

Access control specifies what kind of operating rights are granted. It is an important aspect of internal network security theory, covering personnel permissions, data identification, permission control, control types, risk analysis and so on.

3. Guarantee data integrity

Integrity is the guarantee that the original data and the current data remain fully consistent during data processing.
Digital signatures and data encryption algorithms are generally used to ensure it.

4. Make sure data is secure

Encrypt data with an encryption algorithm, and use digital signatures and authentication to ensure data security.

5. Use a secure server system

There are many server systems to choose from: UNIX, Windows NT, Novell, Intranet, etc., but key servers are best run on UNIX systems.

6. Be careful with applications and ports that lack security

7. Analyze system logs regularly

Tools for this kind of analysis can be found everywhere on Unix. NT Server users can now use Intrusion Detection Kane Security Analyst (KSA) to do this. For more details, see the address http;
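
The password check from administrator step 4 and the list of dangerous passwords in section 1 can be automated. The following is an added example, not part of the original article; the word list, the substitution table and all function names are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real audit would load a full dictionary file.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "sunshine"}
# Assumed table that undoes common digit/symbol-for-letter substitutions.
LEET = str.maketrans("0134578@$!", "oieastbasi")


def normalize(text):
    """Lowercase, undo substitutions, then keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def audit_password(username, password, birthday=None):
    """Return the article's rules that `password` breaks; birthday is (y, m, d)."""
    problems = []
    user, core = normalize(username), normalize(password)
    if password.lower() == username.lower():
        problems.append("user name used as password")
    elif user and (user in core or user[::-1] in core):
        problems.append("variation of the user name")
    if birthday:
        y, m, d = birthday
        digits = re.sub(r"\D", "", password)
        forms = {f"{y}{m:02d}{d:02d}", f"{y % 100:02d}{m:02d}{d:02d}",
                 f"{m:02d}{d:02d}{y}", f"{d:02d}{m:02d}{y}", f"{m:02d}{d:02d}"}
        if any(form in digits for form in forms):
            problems.append("birthday used as password")
    if core in COMMON_WORDS:
        problems.append("common English word")
    if len(password) <= 5:
        problems.append("5 characters or fewer")
    elif len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"\d", password) and re.search(r"[A-Z]", password)
            and re.search(r"[^A-Za-z0-9]", password)):
        problems.append("missing a digit, uppercase letter or symbol")
    return problems
```

An empty list means the password passed every check; run it at password-change time, when the cleartext is still available.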
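
Two of the password principles in section 1, keeping no cleartext password on disk and dropping the connection after two wrong passwords, are sketched below as an added example that is not part of the original article. It swaps in a salted PBKDF2 hash for the article's "encrypted form"; the iteration count, the class and function names and the sample account are assumptions.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 2       # the article's rule: disconnect after two wrong passwords
ITERATIONS = 200_000   # assumed PBKDF2 work factor, not a figure from the article


def make_record(password):
    """Return (salt, digest): what goes on disk instead of the password."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class LoginSession:
    """One connection; it is dropped after MAX_FAILURES wrong passwords."""

    def __init__(self, records):
        self.records = records          # user name -> (salt, digest)
        self.failures = 0
        self.connected = True
        self.authenticated = False

    def attempt(self, username, password):
        if not self.connected:
            raise ConnectionError("connection was dropped")
        # Unknown users get a dummy record so the work done stays the same.
        salt, expected = self.records.get(username, (b"\x00" * 16, b""))
        got = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        if hmac.compare_digest(got, expected):
            self.authenticated = True   # valid for this login only
            return True
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.connected = False      # second error: disconnect
        return False


def demo():
    """Constructed account and attempts; returns the observed outcomes."""
    records = {"webadmin": make_record("Tr7#kQz9!mX")}
    good = LoginSession(records)
    ok = good.attempt("webadmin", "Tr7#kQz9!mX")
    bad = LoginSession(records)
    results = [bad.attempt("webadmin", "guess1"), bad.attempt("webadmin", "guess2")]
    return ok, results, bad.connected
```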