• <abbr id="ck0wi"><source id="ck0wi"></source></abbr>
    <li id="ck0wi"></li>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li><button id="ck0wi"><input id="ck0wi"></input></button>
  • <abbr id="ck0wi"></abbr>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li>
  • Home >

    Three Measures To Fill Loopholes In Enterprise System

    2008/7/24 17:34:00 7

    Three Measures To Fill Loopholes In Enterprise System

    Vulnerability management is a very important part of enterprise network security management.

    Just imagine, if we live in a broken house with a lot of holes, will we feel safe?

    The same is true of enterprise networks.

    How can a network that is full of holes protect the safety of enterprise information and network applications?

    However, loophole management is a complex job. It is not easy to do well.

    The author believes that we must consider the following contents in order to carry out this work.

    First, network scan or host trace.

    If we want to patch up the loopholes, we need to know the loopholes first before we can repair them.

    Therefore, the first task of vulnerability management is to trace the existing hosts and see what are the loopholes.

    Now generally there are two kinds of trace ways. One is to trace the whole host of the network from a host in the network. We can use some trace tools, such as streamers, to trace all the computers in the network conveniently, and find the holes in their operating systems.

    If you can use the streamer trace tool, you can easily find out which hosts in the enterprise network do not set the administrator account password or simply set up a simple password (for example, 123456); you can also use this tool to trace the host's default sharing and so on.

    The other is a slight sketch of the main engine.

    It is to install a trace tool on all hosts in the network, and then trace the host one by one.

    For example, now some anti-virus software, such as Kingsoft antivirus, rising star and other anti-virus software, all have their own loopholes.

    With these tools, our network security administrator can easily find vulnerabilities that may be attacked in the operating system.

    If we use these two ways to trace the same host, we may not get the same information.

    Why?

    In fact, the network sketch is like a hacker. As for scanning our network, the information obtained may be just some relatively simple information, and because of various other limitations, it may not be all vulnerabilities.

    If we scan the host side, we will get more detailed information, or we may find all the loopholes we have known.

    It can be seen that if we can scan on the host, our administrator will know more information.

    Unfortunately, the operation of each operation system on the host computer is very heavy.

    Therefore, we need to achieve a balance between workload and safety according to the actual situation.

    The author suggests:

    In the actual work, the two methods are adopted.

    As for the general user's operating system, the author finds out their loopholes and gives them a repair through the way of network scanning.

    For network application servers, such as the company's database server, file server and so on, they scan them regularly on the machine.

    On the one hand, servers run 24 hours a day. We can make use of task scheduling commands to scan servers at idle time, such as twelve points. In this way, the work of scanning will not affect the operation of servers during the daytime. On the other hand, servers are only a few in the enterprise, so scanning will not be very troublesome.

    Moreover, the security of the server is much more important than the average user's operating system.

    So for the server, scanning the host side is very necessary.

    For the general user's operating system, only remote scanning can be carried out.

    As long as we scan the network, we can scan some vulnerabilities that can be scanned by hackers, Trojan horses, and then repair them.

    In this way, we can reduce the probability of the user's operating system being attacked by Trojan horse and virus, and improve the security of the enterprise network.

    Two. When to scan

    When should we scan the host?

    Is it once a day, or a Monday, or once a month?

    From an ideal point of view, of course, the higher the frequency is, the better we can find loopholes.

    However, we also know that both native scan and network scan consume resources, which will have a great impact on the performance of the host and network.

    If we use network scanning, we will occupy more network bandwidth in the process of scanning, thus reducing the efficiency of other network applications.

    If I pass a test, when I open the network scan, I will copy a 5M size image to a file server. It will take nearly half of the time without opening the network scan.

    It can be seen that if scanning is too frequent, it will greatly affect the normal operation of other network businesses.

    For this reason, we need to set up a reasonable scanning frequency to minimize the adverse impact on normal business while satisfying safety.

    The author suggests:

    The author has little research in this area, now share the author's views, please enlighten us.

    1, without exception, the author made a loophole scan on the computer for two months.

    Usually in the last weekend of the end of the month, the author will scan the company's computer by using the rest time on Friday.

    It will take about two hours.

    In our business, we have to rest for 1.5 hours at noon, so the impact on the network speed of users is only about half an hour.

    It is also acceptable for users to understand the reasons.

    2, when there are some exceptions, special arrangements will be made.

    If we can see on some virus websites, such as Kingsoft website, what viruses are popular recently?

    At this point, we can take some scanning accordingly.

    That is to say, we do not need multiple operating systems to scan from start to finish at this time, but refer to specific vulnerabilities that need to be scanned by these viruses or Trojan horses.

    In this way, the scope of scanning can be narrowed, so that the efficiency of scanning can be improved, and the impact on users can also be reduced to the lowest level.

    3, for any scan record, we must record the flow for enquiries.

    After every scan, the author compares the scanning records with the previous ones.

    By comparison, we can know which vulnerabilities have not been repaired, whether we have found the right patch, or whether the patch is clash with the existing software, or that the vulnerability is not harmful to the enterprise and so on.

    At the same time, if we have employees reinstall the system, then we do not need to re scan it.

    According to the latest scan results, we can fix the bug.

    In this way, we can save our scanning time.

    At the same time, these vulnerabilities scan records can also help us solve network security failures.

    If there is a user who reflects to the author, someone else has landed in his mailbox.

    Some of the mail in his mailbox had not been read by himself, but the ones in the mailbox were already read.

    The author looked at his computer's latest vulnerability scan record and found that there was a very serious loophole. I didn't know how to patch it.

    This bug has recently been popular with a vulnerability that has been exploited by Trojan horses that steal user accounts and passwords.

    Then the author used this trojan horse killing tool to kill him on his computer, and found the trace of the Trojan.

    Therefore, if we can fully tap the value of this scanning record, he will be very helpful for our safety work.

    Three, we need to do a good job before testing.

    When we find holes, can we patch them up?

    In fact, it is not.

    I believe that when we are loopholes in it, it is best to test on the local computer to see if the patch of this vulnerability will conflict with other software on the computer.

    Rather than waiting for regrets when there is conflict, why don't we do a good job of testing first?

    In general, they will conduct some tests on patches released by Microsoft's operating system and its office software.

    However, the contents of their testing may not involve all the software that the enterprise is using now.

    As I have seen before, when the SP2 patch of XP system is installed, the open source mapping software used by the author is not running.

    Later, we had to reinstall the system and upgrade the operating system to 2003.

    Fortunately, its hardware configuration can support 2003 systems, otherwise the trouble will be great.

    The author suggests:

    The author has learned many lessons in this respect. When the patch is hit, the software running on the original operating system will not be able to run normally or the speed of operation will be greatly affected.

    To tell you the truth, there are also several pirate Microsoft operating systems in our company. After installing a patch, sometimes the pirated operating system can not be used, or user registration and other prompt information.

    Therefore, in order to avoid our good intentions to do bad things, I strongly suggest that enterprise network security administrators, when installing patches, need more thorough tests before they can patch and repair vulnerabilities on a large scale.

    Otherwise, though loopholes are made up, they may have a great impact on the current application of enterprises.

    Then we are outweighed by losses.

    • Related reading

    Several Criteria For A Successful Business Website

    Market network
    |
    2008/7/24 17:33:00
    10

    Essential Knowledge Of Building An Enterprise Website

    Market network
    |
    2008/7/17 15:52:00
    13

    Common Advertising Technology Strategies For Building Knowledge

    Market network
    |
    2008/7/17 15:51:00
    10

    Planning Websites Needs Planning

    Market network
    |
    2008/7/17 15:49:00
    4

    Website Must Be Read

    Market network
    |
    2008/7/17 15:49:00
    6
    Read the next article

    Preparations For Enterprises To Do Web Sites

    Preparations for enterprises to do web sites

    主站蜘蛛池模板: 人人洗澡人人洗澡人人| 老头一天弄了校花4次| 精品欧洲videos| 日本韩国一区二区三区| 在线观看精品视频网站www| 国产午夜三级一区二区三| 亚洲一级毛片免费看| www日本黄色| 豆奶视频大全免费下载| 欧美日韩精品久久久免费观看| 性猛交xxxxx按摩中国| 国产69精品久久久久777| 乱码在线中文字幕加勒比| 99精品偷自拍| 激情偷乱在线观看视频播放| 夜色资源网站www| 亚洲精品自产拍在线观看| 中文字幕亚洲欧美在线不卡 | 色妺妺在线视频| 日本免费一区尤物| 国产精品亚洲综合网站| 亚洲人精品亚洲人成在线| baoyu116.永久免费视频| 老司机67194精品线观看| 成人欧美一区二区三区的电影 | 国产激情一区二区三区成人91| 人与动人物欧美网站| ?1000部又爽又黄无遮挡的视频| 波多野结衣欲乱上班| 国产视频xxx| 亚洲精品国产第1页| 久久免费看少妇高潮V片特黄| 日本人强jizzjizz老| 欧美成人免费香蕉| 国产男人午夜视频在线观看 | 久久精品免费一区二区三区| 1000部羞羞禁止免费观看视频| 欧美一级做一级爱a做片性| 国产高清一级毛片| 亚洲人成片在线观看| 雯雯的性调教日记h全文|