Shulou(Shulou.com)06/02 Report--

This article introduces the relevant knowledge of "what are the problems about system security?" in the operation of actual cases, many people will encounter such a dilemma, and then let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Text

The host system is the key carrier of the information system, and the system security is an important part of the technical system level protection. if the system is not configured properly, it may cause hackers to exploit system vulnerabilities, which may lead to system privilege escalation, unauthorized access, software or service crash, virus Trojans and so on.

Today let's talk about the topic of system security.

How?

First, what should we know?

Confirm the corresponding information and requirements of the system according to the company's business system

For example, when installing the operating system:

What system is installed? Centos? Or windows?

Does the system need to configure automatic updates?

Do you want to install it with one click? Network installation? Or is it installed locally?

What are the requirements for the installed version of the program?

Is there any requirement for the production environment?

Do you want to minimize installation?

Second, you want to know what we should control?

Confirm how to do prevention and control according to the demand

For example, in terms of security policy:

Does the user log in through the fortress machine?

What method is used for verification? Do you log in with an OTP? If you use a static password, does it meet the password policy requirements?

How to manage the server account? Whether or not through authorization, what is the way of authorization? Is online approval required? Can ROOT users log in remotely?

In terms of audit, is there an effective means to audit the login account? What do I need to audit? Is it tamper-proof?

Third, we can do something for the realization of systematization.

To do more, to take one more step, in one word, is ultimately to realize the security vision, that is, the big cake drawn by the viewing officers for the bosses.

For example, add some other ideas:

What does a CVM do? How to standardize?

Should it be managed uniformly? What about patch management and change management?

Do you want to install other secure agent, such as HIDS, in preparation for the subsequent security incident management platform?

Is the image and the installed program secure and reliable? Do you have your own yum library? Is it maintained by special personnel? Would you like to participate in the production of the mirror image? Do you want to put the security agnet in it? Do you want to make a process on the way?

The author believes that system security is a very important link in the whole information security technology system, and of course it is also an indispensable layer in in-depth defense, which requires reasonable and effective management.

The author suggests that the basic security measures of system security are as follows:

Standardized installation, the security department participates in the production of the image and adds the security configuration to the image

Minimize installation principles, shut down useless ports and services, and reduce attack drawings

Dynamic password login, use fortress machine, increase security audit

Security configuration script, at the same time modify the corresponding prompt information, confuse opponents and increase deterrence

Install HIDS, find abnormality, deal with it in time, improve emergency response ability

Update the patch in time, the patch needs to be verified and grayscale, there should be a process of patch and change

This is the end of the content of "what are the issues about system security"? thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.