Network attack defense strategy

I. Network security flow chart

II. Attack defense strategies

1. Network transmission security

Network transmission security is generally provided by network security devices. Common devices include hardware firewalls, network intrusion detection systems (IDS), routers, and switches.
The firewall applies rules to hosts that pass through it, so that legitimate Internet hosts can reach the server safely and hosts on the LAN can access the Internet only as the firewall's rules allow.
Some attacks take place entirely within the rules the firewall allows. Against this kind of attack the firewall is powerless, and an Intrusion Detection System (IDS) can be used instead. Following a defined security policy, an IDS monitors the running state of the network and systems and tries to discover attack attempts, attack behavior, or the results of attacks, in order to protect the confidentiality, integrity, and availability of system resources.
For example, if the firewall is likened to the door of a building, then the IDS is the surveillance camera inside it. When thieves disguise themselves as building insiders and enter through the gate, only the surveillance cameras can detect the thieves' vandalism, stop it, and call the police.
Routers can be configured with many routing rules to plan the internal network in detail and control the direction of network routing. Used together with switches, they allow hosts on the internal LAN to communicate under defined conditions and rules.
2. Operating system security
Operating system security is a series of security settings and optimizations applied to the server's own system. On Linux, for example, the common settings are: keeping the kernel regularly updated, keeping the system's own software up to date, configuring a protection policy in the software firewall iptables, configuring antivirus software to prevent viruses, closing irrelevant services and ports, and managing password security.
Many attacks today can bypass the firewall, or disguise themselves to enter the system within the scope the firewall allows, and then attempt to cause damage. For example, some common virus programs cannot be detected by firewalls. If the operating system itself is configured with antivirus software, the system can detect the virus attack and nip the crisis in the bud. So even if a hacker breaks through the first gate, network transmission security, the attack cannot escape inspection by operating system security.
3. Application software security
Application software security is the configuration and optimization of security policy for the application software running on the server. For example, a WWW server is protected through Apache's security configuration, a database server restricts which clients may connect through the database's own settings, and an FTP server grants authorized access to resources through its own configuration file. These are all embodiments of an application software security strategy.
SQL injection attacks and cross-site scripting attacks are both intrusions caused by security vulnerabilities in application software. Application software defense is therefore the core of network security; without it, everything else is to no avail. All other security precautions and security equipment must be built on the basis of application software security, which places security requirements on the programmer.
The above describes the work needed in three areas: network security, operating system security, and application software security. To access server resources from the Internet, a request must pass through these three security levels. If you can formulate a very detailed and complete security strategy at every level, hackers will not be able to perform various attacks and damages.
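
The layering described above, traced for single requests, as an added example that is not part of the original article. The port allowlist, the two IDS signatures, the table and the sample inputs are all constructed for illustration; it shows a crafted input on an allowed port passing the firewall, matching an IDS signature, and returning no rows once the application binds it as a parameter.

```python
import re
import sqlite3

# Layer 1 (firewall): constructed rule set, only the web ports are open.
ALLOWED_PORTS = {80, 443}

# Layer 2 (IDS): constructed, deliberately simple signatures.
IDS_SIGNATURES = [
    re.compile(r"'\s*or\s*'?\d+'?\s*=\s*'?\d+", re.I),  # tautology in a parameter
    re.compile(r"<\s*script\b", re.I),                   # script tag in a parameter
]

def firewall_allows(dst_port):
    """Port-based rule: the firewall never looks at the payload."""
    return dst_port in ALLOWED_PORTS

def ids_alerts(payload):
    """Return True when any signature matches the request payload."""
    return any(sig.search(payload) for sig in IDS_SIGNATURES)

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "a-secret"), ("bob", "b-secret")])
    return db

def lookup_vulnerable(db, name):
    # Weak form: the input is concatenated into the SQL text.
    return db.execute("SELECT name FROM users WHERE name = '" + name + "'").fetchall()

def lookup_hardened(db, name):
    # Hardened form: the input is bound as a parameter, never parsed as SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

def handle(db, dst_port, name, lookup):
    """Pass one request through the three layers and report each decision."""
    if not firewall_allows(dst_port):
        return {"firewall": "drop", "ids": None, "rows": None}
    return {"firewall": "pass", "ids": ids_alerts(name), "rows": len(lookup(db, name))}

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed sample input
    print(handle(db, 80, "alice", lookup_hardened))
    print(handle(db, 80, crafted, lookup_vulnerable))
    print(handle(db, 80, crafted, lookup_hardened))
    print(handle(db, 3306, "alice", lookup_hardened))
```

The signature list only raises an alert; it is the parameter binding in `lookup_hardened` that changes the outcome, which is the article's point about the application layer.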
