1 Network security definition The so-called network security means that the data in the hardware, software and its system of the network system is protected from being damaged, changed or leaked by accidental factors or malicious attacks to ensure that the system can be continuous, reliable and normal. Ground operation, network services are not interrupted. Common problems affecting network security include viruses, hackers, system vulnerabilities, data tampering, etc. This requires us to establish a complete network security system to ensure the network operates safely and reliably.
2 characteristics of computer network attacks Computer network attacks have the following characteristics: 1 loss is huge; 2 threats to society and national security; 3 methods are diverse, means concealed; 4 is based on software attacks.
3 Main factors affecting network security 1 Information leaks. 2 The information was tampered with. 3Transmit illegal traffic. 4 wrong use of network resources. 5 illegal use of network resources. 6 environmental impact. 7 software vulnerabilities. 8 people are safety factors.
4 Security flaws and causes in computer networks 4.1 Vulnerability of TCP/IP. The basis of the Internet is the TCP/IP protocol. But the protocol does not take into account the security of the network. And, because the TCP/IP protocol is publicly available, if people are familiar with TCP/IP, they can use its security flaws to implement network attacks.
4.2 Insecure network structure. The Internet is an Internet technology. It is a huge network of numerous local area networks. When people use one host to communicate with a host on another LAN, usually the data streams that are transmitted between them are forwarded through many machines, if the attacker uses a host on the user's data stream transmission path. He can hijack the user's data packet.
4.3 Easy to be eavesdropped. Since most of the data streams on the Internet are not encrypted, it is easy to eavesdrop on e-mail, passwords, and transmitted files on the Internet using tools that are freely available online.
4.4 Lack of security awareness. Although there are many security barriers in the network, there is a general lack of security awareness, making these protections useless. For example, in order to avoid the additional authentication of the firewall proxy server, a direct PPP connection is made to avoid the protection of the firewall.
5 Common cyber attacks 5.1 Trojan horses. The Trojan horse program can directly invade the user's computer and destroy it. It is often disguised as a utility program or game to entice the user to open an email attachment with a Trojan horse program or download it directly from the Internet once the user opens the attachment to the email or After executing these programs, it hides a program on the computer system that can be silently executed when Windows starts. When you connect to the Internet, this app notifies the attacker to report your IP address and the pre-configured port. After receiving this information, the attacker can use the program lurking in it to modify the parameters of your computer, copy files, and spy on the contents of your entire hard disk to control your computer. purpose.
5.2 WWW's spoofing technology. Online users can use IE and other browsers to access a variety of WEB sites, but the average user may not think that these problems exist: the web pages being visited have been tampered with by hackers. For example, the hacker rewrites the URL of the webpage that the user wants to browse to point to the hacker's own server. When the user browses the target webpage, the request is actually made to the hacker server, and the hacker can achieve the purpose of fraud.
5.3 Mail bomb. Email is a widely used communication method on the Internet. An attacker can use a number of mail bomb software or CGI programs to send a large amount of spam to the destination mailbox, so that the destination mailbox is exploded and cannot be used. When spam traffic is particularly large, it may also cause the mail system to reflect slow or even embarrassing work. Compared with other attack methods, this attack method has the advantages of simplicity and quick effect.
5.4 Overload attack. An overload attack is an attacker who sends a large number of useless requests over the server for a long time, so that the attacked server is always busy and cannot satisfy other users' requests. One method that is used most by an attacker in an overload attack is a process attack. It is to artificially increase the workload of the CPU by a large amount of time, and consumes the working time of the CPU, so that other users are always in a waiting state.
5.5 Network monitoring. Network monitoring is a working mode of the host. In this mode, the host can receive all the information transmitted by the network segment on the same physical channel, regardless of the sender and receiver of the information. Because the system performs password verification, the password input by the user needs to be transmitted from the client to the server, and the attacker can perform data monitoring between the two ends. At this time, if the information communicated by the two hosts is not encrypted, it is easy to intercept information including passwords and account numbers by using some network monitoring tools (such as NetXRay for Windows95/98/NT, Sniffit for Linux, Solaries, etc.). data. Although the user account and password obtained by the network monitoring have certain limitations, the listener can often obtain all the user accounts and passwords of the network segment where the network is located.
5.6 Security breaches. Many systems have such security holes (Bugs). Some of them are owned by the operating system or application software itself. Such as buffer overflow attacks. Since many systems do not check the program and buffer changes, they accept any length of data input, put the overflow data on the stack, and the system executes the command as usual. In this way, the attacker will enter an unstable state as long as it sends an instruction that exceeds the length that the buffer can handle. If the attacker specifically configures a string of characters to be used as an attack, he can even access the root directory, giving him absolute control over the entire network.
6 Countermeasures Based on the above analysis and identification of cyber attacks, we should carefully develop targeted strategies. Identify security objects and set up a strong security system.
6.1 Improve safety awareness. Don't open emails and files with unknown origins, don't just run programs that people who don't know them well; try to avoid downloading unknown software and game programs from the Internet; use passwords as much as possible to mix alphanumeric characters, simple English Or the numbers are easy to exhaust; download and install system patches in a timely manner; do not run hacking programs casually.
6.2 Use anti-virus and anti-black firewall software to treat anti-virus and anti-black as daily work. A firewall is a barrier that prevents hackers in a network from accessing an organization's network. It can also be called a threshold for controlling incoming/outbound communication. Internal and external networks are isolated at the network boundary by a corresponding network communication monitoring system established to block the intrusion of external networks.
6.3 Set the proxy server, hide your own IP address and increase vigilance against attacks. It is important to protect your own IP address. In fact, even if you have a Trojan installed on your machine, there is no way for an attacker without your IP address, and the best way to protect your IP address is to set up a proxy server. The proxy server can function as an intermediate transfer from the external network to access the internal network. Its function is similar to a data forwarder, which mainly controls which users can access which service types. When an external network applies for a certain network service to the internal network, the proxy server accepts the application, and then it decides whether to accept this according to the type of service, the content of the service, the object to be served, the time of the application of the server, the scope of the domain name of the applicant, and the like. The service, if accepted, forwards the request to the internal network.
6.4 Frequent data backup and analysis of time logs and records. Data backup is often performed to prevent important data from being tampered with and deleted due to attacks. Always check firewall logs, intrusion detection logs, and check whether the anti-virus software update components are up-to-date.
7 Conclusion Security management has always been one of the weak links of network systems, and users' requirements for network security are often quite high, so security management is very important. Network managers must be fully aware of potential security threats and take precautions to minimize the consequences of these threats and minimize the risk.
Led Touch Screen Monitor including Capacitive touch display and Infrared Touch Screen Monitor, both have been widely used in many occasions, such as showroom, brand monopoly, hotel lobby, fairs, company showrooms, supermarkets, banks,government units and so on.
Touchwo have focused on research and development production of Touchscreen Monitor and All In One Computer for many years,
so our products are competitive both in technology and practical applications.
LED Touch Screen Monitor
Led Touch Screen Monitor,Infrared Touch Screen Monitor,Touch Screen Led Monitor,Touch Screen Monitor For Pc
Guangzhou TouchWo Electronics Co.,Ltd. , http://www.touchaio.com