chapter3 network security and management
1. network security threats
Web threats from a wide range: hardware devices and circuits, systems and software, environment, network administrators, and other self-exposure.
Security threat (1) network hardware equipment and lines
Illegal invasion: infiltration techniques or by criminals physical line network intrusion, unauthorized use of resources and damage to obtain data.
Line interference: for example, the network cable close to the transformer, it will seriously affect the normal communication.
Communications eavesdropping: mobile phones, electromagnetic, optical cable eavesdropping.
Viruses: ---.
hacker attack:---. Especially now that the wireless router become the main target, because of cell phones, laptops are connected to a wireless router.
Complete threat (2) network and software systems
No classification and identification of the user, so that unrestricted access and control data, such that unauthorized users access to the illegal network operation. Lack of security tools and management tools.
(3) environment: earthquakes, fires
(4) Network management: confidentiality is not strong, password disclosure, operational errors.
2. Firewall
When the Internet often encountered Tip: windows Firewall has blocked this program!
Firewall settings protective barrier between the trusted internal network and the untrusted external network (Internet).
Protect the internal network from external invasion of illegal users online. Three generations of experience in the technology firewall: simple packet filtering, application proxies, stateful inspection firewall. The current mainstream technology is having a firewall traffic filtering capabilities.
The early installation of a firewall is generally direct software (application software) on your computer, on behalf of products checkpoint firewalls, Ruixing, 360ARP, Jinshan network shield and so on. Later on the use of PC hardware architecture, hardware-based firewall security operating system kernel developed some of the basic characteristics of Unix, Linux and so posed, it is a combination of software and hardware. As TOPSEC topsec. Now is the use of independent design asic chip , based on specialized hardware platforms, not operating system, such as Huawei, cisco, H3C, juniper and other company's firewall.
Firewall service control: determine which services can be accessed; direction control: which direction to allow through the firewall; user control: the user to control access to services; behavioral control: control a specific behavior.
Firewall: passwords, auditing, encryption, authentication.
Firewall also supports enterprises with internet service features internal network technology system VPN (Virtual Private Network).
Firewalls can not prevent 80 ports, 25 ports of the attack.
A firewall is a passive mechanism, not proactive. You can not eliminate the source of the attack.
3. Individual prevention network
(1) Prevention: 360 security guards and so on; and timely repair system vulnerabilities; various passwords do not like complex password;
(2) Do not click on the file strangers, there is a file format most viruses are executable files (suffix exe, com, bat, sys) loaded by the operating system and other programs running. Received files should be scanned through antivirus software.
(3) wifi security, do not use the free wifi; do not use banks in the public network, Alipay
(4) timely file backup. Do not install the software directly installed in the root directory (the root directory is the first drive letter). When unloading likely to cause other files in the root directory is lost.
4. Hardware Fault Analysis and Processing
Examples: student computer room, a computer can not open pages?
(1) issue twisted pair and crystal head? With access to the Internet computer network cable to try, if the socket is not light the issue is not twisted.
(2) involved in the card is normal? With the command prompt ping the IP address of the machine.
Click "Start" - "Run" (shortcut win + R) Enter "CMD" and then enter the "ipconfig" Enter to check the machine IP.
Then enter the ping 10.30.49.65
There is not a problem of data transfer card
(3) non-standard network topology can lead to network can not see the indicator light does not shine hub. Sometimes hub port will be aging, you can change to another port.
5. Fault analysis and processing software
protocol configuration issues, IP address conflict
As with the above, ping IP normal, then the problem is not the protocol configuration.
Input ipconfig / renew suggesting no adapter is allowed to run in the operating state of the window. It is likely to be an IP address conflict.
Enter Network and Sharing Center, local connection - properties --TCP / IPV4 properties, check the DHCP to automatically obtain an IP address on it.
Network communication media chapter 4
1. wired transmission medium
UTP: two insulated copper wire protective layers. A twisted pair consists of five components:
In the form of a spiral tightly twisted together, similar to the structure of DNA sequence. Such that the interference generated between the copper wires cancel each other. Thereby reducing the external electromagnetic radiation signal.
UTP is used to transmit analog and digital signals. Transmission distance can be up to 100 meters. Divided shielded twisted pair, unshielded twisted pair. Shielded twisted pair (top right) is prepared by the shield wires between the dual cross line and outer insulation jacket, reduce interference, higher transmission rates, but expensive. The unshielded twisted pair transmission rate is divided into several different categories, Category 5 is the most commonly used, the transmission rate is 100M / s.
In early local area networks, using a coaxial cable, cable networks currently used in a cell.
