Shulou(Shulou.com)06/02 Report--

Ten misunderstandings of server management

Problems with the use of 1.UPS (Uninterruptible Power supply)

A store is squeezing the last life of its network system. Although the old server could hardly meet the needs of store operations, operators were reluctant to even replace the battery in the UPS, which should in fact be replaced every two years. Finally, one day there was a sudden power outage, and the UPS was so old that it could no longer control the safe shutdown of the server. Most of the battery has long been exhausted, so it soon ran out of power. As a result, the controller for preventing and controlling abnormal situations failed to shut down the server normally. The daily normal operation and transaction of the store depends on this server. It took three days to repair the server, and it took longer to make up for the loss. In fact, a battery worth as little as $75 can effectively prevent this from happening.

two。 Didn't sort out what you needed.

A phone call to the company headquarters said that there was something wrong with the server in a branch office, and the network administrator rushed out of the office and drove for an hour to the accident site. As a result, he found that part of the operating system file was destroyed, so all he could do was reinstall the operating system. The network administrator of the branch can't find the installation disk at the moment, it doesn't matter, the administrator of the headquarters has it, but he is in his office-one hour one way from here and two hours round trip. Pack a backpack and take it with you. Everything you might need, including the backup of the operating system used by your users, should be in your backpack. This is easy to do, does not cost anything, but can play a key role in issues such as updating the operating system.

3. No patch installed

A toymaker's server connection went wrong, causing all staff to lose contact with their files and forcing production to stop for two days. The loss is heavy! A newly hired network administrator is in charge of solving the crisis. He soon discovered that former network administrators did not install patches when they installed the system three years ago.

Patches are free and may not be open, but they are usually easy to configure and can be done by any system administrator. The previous administrator said that because the system was running well, no patches were needed. This is obviously very irresponsible.

4. Improper backup work

A server in a hospital office that stores a lot of medical files and medical records has malfunctioned. Because there is no information on the server that can be accessed, the operation of the office is basically stopped. The network administrator immediately took out a tape of the backup document and tried to repair it. Her heart sank when she found that the tape was empty. She checked the other backup tape, and it was all empty! She checked the logs in the office and found that her colleagues had changed the backup tape every day for two years, only that the tape had been put into the server where the backup software had never been installed, and no one knew that the backup had a problem, because no one had ever checked it. Just keep changing the blank backup tape every day for two years. This incident took a heavy toll on the hospital. In fact, as long as any database administrator to do a simple backup check can avoid such a major problem. In fact, they are doing it every day.

5. Shoddy cable engineering

A bank's network is often out of order, so they specially checked the wiring box and found that many RJ-11 and RJ-12 plugs were plugged into RJ-45 sockets. And a toothpick is inserted into each socket, so it's no wonder there's something wrong with the cable. Many network problems are blamed on inappropriate cable connections, so savvy managers had better ask licensed, guaranteed and trusted cable contractors to connect the cable lines.

6. The equipment changes hands too many times, which causes internal problems.

A professional sports group bought a brand-name server, but it went wrong as soon as it started working. The network administrator requests help to the operating system manufacturer and the hardware manufacturer. It was later discovered that the reseller who provided the "brand-name" server configured the server with non-brand-name memory, non-brand-name disk controllers, and non-brand-name external disk drives, simply because these components were cheaper. The hardware manufacturer and operating system manufacturer refused to provide support because the server was confused by some non-brand-name components and its structure was not easy to be identified.

7. No authorization contract was signed.

An office spent a lot of cash on servers last year. The system has RAID5 redundancy protection, dual power supplies and 24 × 7 support, and a year later, the drive broke down. When the staff member who guaranteed 24 × 7 support arrived, he called the hardware manufacturer and asked him what the contract number was, and the office had not signed a licensing contract before. "it doesn't matter," the manufacturer said. "they have two years to go before the license expires. I will replace your drive in five or six days."

However, the manufacturer's tolerance is far from enough. It's best to make sure you have a full set of 24 × 7 support, go to an office supplies store to buy a label, write the license contract number and technical support phone number on each label, and then paste them on each machine.

8. No test environment is established

A few years ago, a software development company installed a new workstation, which uses the fastest random access memory, the fastest hard drive and the fastest processor, which will serve as the chairman's new workstation. Shortly after the installation was completed, the chairman accepted a request from his largest partner firm to test the communication platform of the new man-made space station, which resulted in a blue screen. When he was surprised to restart the computer, there was nothing inside. After rebuilding the system, it took him another four days to get rid of the pile of operating instructions.

The chairman of another company was smart enough to build a test network. Before the system upgrade, they will do experiments on the test network, find errors again and again, and set the network over and over again until it is completely correct. Only when the test results are completely correct will they really carry out the system upgrade. The chairman of the first company no longer uses his server as a tester.

9. Storage capacity is poorly planned

When an art company bought a server five years ago, it could support six 8G-byteRAIDArray5 drives. To save money, the company insisted on buying only four 4G-byte drives. The network administrator said that soon they would need more space, and the company finally gave in and bought two more drives, thus ending the matter. Three years later they had such a serious shortage of space that they even had to delete small files with only 50Kbyte. They desperately needed to expand their capacity, when 8G-byte drives were no longer available and larger servers could not support them. A new additional subsystem that can solve the problem will require more money than the original server. In this way, they had to replace the server two years earlier than planned. Therefore, making a good storage capacity plan will save you money and may even greatly extend the life of your system.

10. Wrong operation is the biggest hidden danger.

The power to the office was suddenly cut off in the afternoon, and the nervous office manager thought it would damage their two servers, so he took quick action-he went over and turned off all the servers. When he got home, he was proud of his quick action. But the next morning, when he returned to his office and turned on two servers, he found that there was nothing in it. In fact, when he pressed the server switch yesterday, the server was in the middle of a complex update of critical files, and when he suspended the work of one server, it affected the storage of another server's critical database. As a result, it took two days to repair the network.

Security maintenance skills of Network Server

First of all, we can analyze that the malicious network behavior against the network server includes two aspects: one is the malicious attack, such as denial of service attack, network virus and so on, which are designed to consume the server resources. affect the normal operation of the server, and even the paralysis of the network where the server is located The other is malicious intrusion, which will lead to the disclosure of sensitive information of the server, and the intruder can do whatever he wants and destroy the server wantonly. Therefore, to ensure the security of the network server can be said to minimize the impact of these two behaviors on the network server.

Based on the market share of servers based on windows operating system in China and the Chinese people's understanding of the operating system, I would like to talk about some personal opinions on maintaining the security of windows network servers.

How to prevent the network server from those malicious attacks on the Internet

(1) build your hardware security defense system

Choose a set of good security system model. A complete security model should include the following necessary components: firewall, intrusion detection system, routing system and so on.

Firewalls play a security role in security systems, which can largely guarantee illegal access from the network and data traffic attacks, such as denial of service attacks, while intrusion detection systems play the role of a monitor. monitor your server entrances and exits and intelligently filter out intrusive and aggressive visits.

(2) choose an English operating system

You know, windows, after all, belongs to Microsoft in the United States, and Microsoft has always been famous for its Bug and Patch. The Chinese version of Bug is far more than the English version, and the Chinese version of the patch is always later than the English version. That is to say, if your server is installed with a Chinese version of windows, you will have to wait a while before you can fix the patch after the Microsoft vulnerability is announced. Maybe hackers and viruses use this time to invade your system.

How to prevent network servers from being hacked:

First of all, as a hacker admirer, I would like to say that there is no absolutely secure system in the world. We can only try our best to avoid invasion and minimize casualties.

(I) adopt the NTFS file system format

As we all know, the file system we usually use is FAT or FAT32,NTFS, which is supported by the series operating systems of Microsoft Windows NT kernel and is specially designed for network and disk quotas, file encryption and other management security features. In the NTFS file system, you can set access permissions separately for any disk partition. Put your own sensitive information and service information on different disk partitions. In this way, even if hackers gain access to the disk partition where your service files are located in some way, they still need to find ways to break through the security settings of the system in order to further access sensitive information saved on other disks.

(2) make a good backup of the system

As the saying goes, "be prepared for trouble." although no one wants the system to be suddenly damaged, they are not afraid of 10,000, just in case, make a backup of the server system, and it can be restored in time in case of damage.

(3) turn off unnecessary services and open only the ports that should be opened

Shut down those unnecessary services and do a good job of local management and group management. There are many default services in the Windows system that are unnecessary or even dangerous, such as the default shared remote registry access (Remote Registry Service), where many sensitive information is written in the registry, such as the encrypted password of pcanywhere.

Shut down those unnecessary ports. Some seemingly unnecessary ports can indeed reveal a lot of sensitive information about the operating system to hackers, such as the IIS service enabled by windows 2000 server by default to tell each other that your operating system is windows 2000. Port 69 tells hackers that your operating system is most likely linux or unix, because 69 is the default port used by tftp services under these operating systems. Further access to the port can also return some information about the software and its version on the server, which are of great help to the hacker's intrusion. In addition, the open port is more likely to become a portal for hackers to enter the server.

In short, good TCP/IP port filtering not only helps to prevent hackers from invading, but also helps to prevent viruses.

(4) Software firewall and antivirus software

Although we already have a hardware defense system, it is not a bad thing to have more bodyguards.

(5) Open your event log

Although it is said that turning on the log service does not play a direct role in preventing hackers from invading, through recording the whereabouts of hackers, we can analyze what the intruders have done on our system, what damage and hidden dangers have been caused to our system, what kind of back doors have hackers left on our system, what security vulnerabilities still exist in our servers, and so on. If you are a master, you can also set up secret cans, wait for hackers to invade, and catch him red-handed when he invades.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.