Shulou(Shulou.com)06/01 Report--

With the continuous development of computer network technology, the application field of computer network is becoming more and more extensive, so the security of computer network is becoming more and more important.

The main threats to modern network security are viruses, worms, Trojans and so on. In addition, we may also suffer from different types of networks, such as detection and access, denial of service, and so on.

So what should we do?

1 deploy some security facilities, including JUNIPER firewall, Cisco IPS, configuration × × and ACL, and install antivirus software

2 install the latest patch in time to prevent buffer overflow or permission upgrade, and close unwanted ports and services.

Use passwords that are as complex as possible, and some books also call them strong passwords or robust passwords, which actually have the same meaning.

(4) strictly manage the physical access to the system.

Avoid unnecessary WEB page input.

(6) back up regularly.

(7) encrypt data and set password protection for important files.

Let's talk about how to ensure the security of enterprise network (network equipment):

1. Security of the router

The main commands are as follows:

(1) configure the router with a password. All passwords that can be configured are configured. Do not use plaintext passwords.

(2) in order to prevent the password from being broken violently, we should restrict the frequent login of users.

R1 (config) # security authentication failure arte 5 log

After 5 consecutive login failures, users wait 15 seconds by default before they can wait for login.

R1 (config) # login block-for 60 attempts 3 wihtin 30

After three consecutive login failures within 30 seconds, the user waits for 60 seconds before continuing to log in.

R1 (config) # login delay 10

After the configuration user logs in successfully, it will take 10 seconds to log in again.

Add here that to ensure security, it is best to use SSH instead of Telnet, because SSH is more secure

2 switch to enable port security

3 to use AAA technology

4 configure ACL on the router

5 configure ISA on the WINDOWS server

6 configure iptables on a LINUX-based server

5 use a hardware firewall, such as Cisco's PIX or ASA, or use JUNIPER's firewall

6 if you have plenty of money, you can use Cisco's IPS. If necessary, IDS can also use it.

7 use IPSec- × ×

8 if there is a wireless device in the network environment, be sure to use key technology

9 server reinforcement, which is also very critical.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.