Three Measures To Fill Loopholes In Enterprise System

The author believes that we must consider the following contents in order to carry out this work.

Therefore, the first task of vulnerability management is to trace the existing hosts and see what are the loopholes.

If you can use the streamer trace tool, you can easily find out which hosts in the enterprise network do not set the administrator account password or simply set up a simple password (for example, 123456); you can also use this tool to trace the host's default sharing and so on.

It is to install a trace tool on all hosts in the network, and then trace the host one by one.

For example, now some anti-virus software, such as Kingsoft antivirus, rising star and other anti-virus software, all have their own loopholes.

With these tools, our network security administrator can easily find vulnerabilities that may be attacked in the operating system.

Why?

In fact, the network sketch is like a hacker. As for scanning our network, the information obtained may be just some relatively simple information, and because of various other limitations, it may not be all vulnerabilities.

If we scan the host side, we will get more detailed information, or we may find all the loopholes we have known.

It can be seen that if we can scan on the host, our administrator will know more information.

Unfortunately, the operation of each operation system on the host computer is very heavy.

As for the general user's operating system, the author finds out their loopholes and gives them a repair through the way of network scanning.

For network application servers, such as the company's database server, file server and so on, they scan them regularly on the machine.

On the one hand, servers run 24 hours a day. We can make use of task scheduling commands to scan servers at idle time, such as twelve points. In this way, the work of scanning will not affect the operation of servers during the daytime. On the other hand, servers are only a few in the enterprise, so scanning will not be very troublesome.

Moreover, the security of the server is much more important than the average user's operating system.

So for the server, scanning the host side is very necessary.

As long as we scan the network, we can scan some vulnerabilities that can be scanned by hackers, Trojan horses, and then repair them.

In this way, we can reduce the probability of the user's operating system being attacked by Trojan horse and virus, and improve the security of the enterprise network.

Is it once a day, or a Monday, or once a month?

From an ideal point of view, of course, the higher the frequency is, the better we can find loopholes.

However, we also know that both native scan and network scan consume resources, which will have a great impact on the performance of the host and network.

If we use network scanning, we will occupy more network bandwidth in the process of scanning, thus reducing the efficiency of other network applications.

If I pass a test, when I open the network scan, I will copy a 5M size image to a file server. It will take nearly half of the time without opening the network scan.

It can be seen that if scanning is too frequent, it will greatly affect the normal operation of other network businesses.

For this reason, we need to set up a reasonable scanning frequency to minimize the adverse impact on normal business while satisfying safety.