• <abbr id="ck0wi"><source id="ck0wi"></source></abbr>
    <li id="ck0wi"></li>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li><button id="ck0wi"><input id="ck0wi"></input></button>
  • <abbr id="ck0wi"></abbr>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li>
  • Home >

    Three Measures To Fill Loopholes In Enterprise System

    2008/7/17 14:49:00 24

    Three Measures To Fill Loopholes In Enterprise System

    Vulnerability management is a very important part of enterprise network security management.

    Just imagine, if we live in a broken house with a lot of holes, will we feel safe?

    The same is true of enterprise networks.

    How can a network that is full of holes protect the safety of enterprise information and network applications?

    However, loophole management is a complex job. It is not easy to do well.

    The author believes that we must consider the following contents in order to carry out this work.

    First, network scan or host trace.

    If we want to patch up the loopholes, we need to know the loopholes first before we can repair them.

    Therefore, the first task of vulnerability management is to trace the existing hosts and see what are the loopholes.

    Now generally there are two kinds of trace ways. One is to trace the whole host of the network from a host in the network. We can use some trace tools, such as streamers, to trace all the computers in the network conveniently, and find the holes in their operating systems.

    If you can use the streamer trace tool, you can easily find out which hosts in the enterprise network do not set the administrator account password or simply set up a simple password (for example, 123456); you can also use this tool to trace the host's default sharing and so on.

    The other is a slight sketch of the main engine.

    It is to install a trace tool on all hosts in the network, and then trace the host one by one.

    For example, now some anti-virus software, such as Kingsoft antivirus, rising star and other anti-virus software, all have their own loopholes.

    With these tools, our network security administrator can easily find vulnerabilities that may be attacked in the operating system.

    If we use these two ways to trace the same host, we may not get the same information.

    Why?

    In fact, the network sketch is like a hacker. As for scanning our network, the information obtained may be just some relatively simple information, and because of various other limitations, it may not be all vulnerabilities.

    If we scan the host side, we will get more detailed information, or we may find all the loopholes we have known.

    It can be seen that if we can scan on the host, our administrator will know more information.

    Unfortunately, the operation of each operation system on the host computer is very heavy.

    Therefore, we need to achieve a balance between workload and safety according to the actual situation.

    The author suggests:

    In the actual work, the two methods are adopted.

    As for the general user's operating system, the author finds out their loopholes and gives them a repair through the way of network scanning.

    For network application servers, such as the company's database server, file server and so on, they scan them regularly on the machine.

    On the one hand, servers run 24 hours a day. We can make use of task scheduling commands to scan servers at idle time, such as twelve points. In this way, the work of scanning will not affect the operation of servers during the daytime. On the other hand, servers are only a few in the enterprise, so scanning will not be very troublesome.

    Moreover, the security of the server is much more important than the average user's operating system.

    So for the server, scanning the host side is very necessary.

    For the general user's operating system, only remote scanning can be carried out.

    As long as we scan the network, we can scan some vulnerabilities that can be scanned by hackers, Trojan horses, and then repair them.

    In this way, we can reduce the probability of the user's operating system being attacked by Trojan horse and virus, and improve the security of the enterprise network.

    Two. When to scan

    When should we scan the host?

    Is it once a day, or a Monday, or once a month?

    From an ideal point of view, of course, the higher the frequency is, the better we can find loopholes.

    However, we also know that both native scan and network scan consume resources, which will have a great impact on the performance of the host and network.

    If we use network scanning, we will occupy more network bandwidth in the process of scanning, thus reducing the efficiency of other network applications.

    If I pass a test, when I open the network scan, I will copy a 5M size image to a file server. It will take nearly half of the time without opening the network scan.

    It can be seen that if scanning is too frequent, it will greatly affect the normal operation of other network businesses.

    For this reason, we need to set up a reasonable scanning frequency to minimize the adverse impact on normal business while satisfying safety.

    The author suggests:

    The author has little research in this area, now share the author's views, please enlighten us.

      1、在沒有例外的情況下,筆者兩個月對企業的電腦進行一次漏洞掃描。一般都是定在雙月底最后一個周末,筆者會利用周五中午休息的時間,對公司的電腦進行掃描。這大概有花費兩個小時的時間。而我們企業的話,中午休息一個半小時,故對于用戶網絡速度影響也大概只有半個小時左右。跟用戶講明白其中的原因,他們也是可以接受的。

    • Related reading

    Strengthening Enterprise Management By Software Technology

    Market network
    |
    2008/7/12 14:12:00
    27

    Secret Repair Of Domain Name Omissions

    Market network
    |
    2008/7/12 14:11:00
    41

    Olympic Cybersecurity: China Is Not Afraid Of Hackers.

    Market network
    |
    2008/7/12 14:11:00
    22

    Building XP'S Safety Defense Line

    Market network
    |
    2008/7/12 14:11:00
    31

    Smes Need To Get Out Of E-Commerce Misunderstandings

    Market network
    |
    2008/7/12 14:10:00
    28
    Read the next article

    How To Prevent Trojan Horse Intrusion

    How to prevent Trojan horse intrusion

    主站蜘蛛池模板: 国产在线精品二区韩国演艺界 | 久久国产精品-久久精品| 亚洲欧美一区二区三区日产| 久久久久夜夜夜精品国产| 高清不卡毛片免费观看| 良妇露脸附生活照15| 日本japanese丰满奶水| 国产福利在线视频尤物tv| 亚洲一区欧美日韩| 黄网站色在线视频免费观看| 污视频免费看网站| 尤物视频在线播放| 免费大片在线观看网站| 中文字幕在线精品| 黄网站色成年片大免费高清| 欧美日韩国产一区二区三区在线观看| 性做久久久久久久久| 公车上玩两个处全文阅读| eeuss中文字幕| 欧美破处视频在线| 国产特级毛片aaaaaaa高清| 久久综合日韩亚洲精品色| 18禁止午夜福利体验区| 欧美人与zoxxxx视频| 国产女人18毛片水| 亚洲av日韩综合一区久热| 韩国成人毛片aaa黄| 最新浮力影院地址第一页| 国产美女视频一区| 亚洲va久久久噜噜噜久久男同| 91视频最新地址| 欧洲亚洲国产精华液| 天堂√在线中文资源网| 免费看欧美一级特黄a大片一| 么公的好大好深视频好爽想要 | 国产午夜福利短视频| 中文无码热在线视频| 男女混合的群应该取什么名字 | 皇夫被迫含玉势女尊高h| 国产裸体美女永久免费无遮挡| 人人狠狠综合久久亚洲|