Shulou(Shulou.com)05/31 Report--

This article analyzes with you "what are the five tips for maintaining server security". The content is detailed and easy to understand. Friends interested in "What are the five skills to maintain server security?" can read it slowly and deeply along with the ideas of Xiaobian. I hope it can help everyone after reading. Let's follow Xiaobian to learn in depth the knowledge of "What are the five skills of maintaining server security?"

Nowadays, the protection of important data is getting more and more attention, and in recent years, the risk of server security has also increased relatively. Whether it's a growing number of viruses, malicious hackers, or commercial thefts, servers are the primary target for information. Obviously, server security issues cannot be ignored. Here are five tips for maintaining server security.

Tip 1: Start with the basics

When talking about the security of network servers, especially when hackers launch attacks on the network, they will first check whether there are general security vulnerabilities, and then consider the more difficult to break through the security system. Therefore, when all the data on the server exists in a FAT disk partition, even installing security software will not help much to protect the data. Therefore, all disk partitions containing sensitive data on the server are converted to NTFS format, and all anti-virus software needs to be updated in time. Limit access to the network

Another good way to protect the network is to limit the amount of time users can access the network based on the amount of time they spend in the company. For example, a temporary employee who normally works during the day should not be allowed to access the network at 3 a.m. unless that employee's supervisor tells you it's for a special project. And the main thing to remember is that users need passwords to access anything on the entire network. You have to force people to use strong passwords that consist of upper and lower case letters, numbers, and special characters.

Tip 2: Protect your backups

Every good network administrator backs up network servers every day and keeps records off-site to protect against unexpected disasters. However, the security issue goes beyond just backups. Most people don't realize that your backup is actually a huge security hole. But the human factor is hard to control, and how to prevent someone from stealing data from your tape records and recovering it from a server is a crucial test of security. The backup is effectively protected by password protection of the tape and encryption of the data if the backup program supports encryption. Second, change the time at which the backup program completes its work. In that case, even if someone tried to steal the tape, it would be meaningless to force it away because the tape was in use.

Tip 3: Use Callback on RAS

One of the features of Windows NT on servers is support for Remote Access (RAS). A RAS server is also a handy tool for hackers trying to gain access to the system. How remote users use RAS is critical. If remote users often call the host from a fixed location, using the callback feature is a good way to ensure that remote users log in and disconnect. The RAS server then dials a predefined phone number to reconnect the user.

Another alternative is to restrict access to a single server to all remote users. Place data that users typically access on a special share point on the RAS server. Remote users can be restricted to one server rather than the entire network. In this way, even if hackers gain access to the mainframe by means of sabotage, they will be isolated on a single machine, where the damage they cause is minimized.

A final tip is to take advantage of protocol changes on your RAS server. Considering the nature and typical use of TCP/IP, RAS also supports IPX/SPXNetBEUI protocol. If you use NetBEUI as your RAS protocol it can be well guarded.

Tip 4: Use a strong security policy

The only thing you can do to improve security is to have a good, strong security policy. Make sure everyone knows about it and knows it's mandatory. Such a policy needs to include severe penalties for an employee who downloads unauthorized software on a company machine.

If you are using Windows 2000 Server, assign users special access rights to use your server without surrendering control to administrators. A good use is to authorize human resources to delete and disable an account. This allows HR to delete or disable a departing employee's user account before he or she is fired. Also, with special user rights, you can grant this permission to delete and disable accounts and restrict the creation of users or change permissions.

Tip 5: Check firewall settings

A final tip involves carefully examining firewall settings. Firewalls are an important part of the network because they isolate your company's computers from programs on the Internet that could damage them.

First, make sure the firewall doesn't open up more IP addresses than necessary. At least one IP address must be used externally for all Internet communications. If you also have DNS registered Web servers or email servers, their IP addresses may also be visible through the firewall.

Second, you can check the port list to verify that you have closed all the port addresses that are not commonly used. For example, TCP/IP port 80 is used for HTTP traffic, but port 81 may never be used and should therefore be turned off.

What are the five tips for maintaining server security? Share them here. I hope the above content can improve everyone. If you want to learn more, please pay more attention to the updates of Xiaobian. Thank you for your attention to the website!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.