Brief analysis network security technology In the past two centuries, industrial technology represents a country's military and economic strength. Today, the rapid development of information technology in the twenty-first century have enhanced overall national strength of the key. 33215
With the development of computer technology in the computer business has been based on a single mathematical computing, document processing, based on a simple link to the internal network of internal business processes, such as office automation to the development of enterprises based on the complexity of the intranet, extranet, The global Internet enterprise-class computer systems and dealing with the world of business and information-sharing deal. In the information processing capacity, the ability to link the system has been improved. But the link in the information capacity, the ability to improve circulation at the same time, Web-based connections are also becoming more prominent security issues. This article from the following areas to explore:
First, in an open network at the same time there are security issues .
Internet's openness as well as other factors led to the network environment, the computer system is riddled with security problems. In order to address these security issues, a variety of safety mechanisms, strategies and tools for research and application have been. However, even in the use of existing tools and mechanisms for security, network security is still a great danger that these potential safety problems can be attributed mainly to the following:
a) the limitations of security
Each security mechanism must have the scope of the application and application environment. Firewall is an effective security tool, which can be concealed within the structure of the network to limit external network access to internal networks. But the visit between the internal network, the firewall is often powerless. Therefore, the internal network to the internal network between the invasion and the invasion of collusion, it is very difficult to find a firewall and guard against.
b) security management mechanism
Common safety management mechanism: the management of passwords; a variety of key generation, distribution and management; reunification of the entire network administrator authentication and authorization; the establishment of a system-wide assessment of the security system; the establishment of the security audit system; the establishment of systems and data Backup system; the establishment of security incidents / security alarm and response mechanism to deal with plans; the establishment of specialized teams and the safety of the operation of the rapid response system, and so on.
In order to strengthen the system for disaster prevention and response capability, but also to develop contingency plans for catastrophic accidents, such as an emergency action plan resources (hardware, software, data, etc.) to back up and operational plans, systems and the resumption of testing methods.
c) the impact of security tools
Security tools by the effects of man-made factors. A security tool to achieve the desired effect, to a large extent depends on the users, including system administrators and ordinary users, improper use will generate insecurity. For example, NT in a reasonable setting can be achieved after the C2 level of security, but very few people able to NT's own security policy for setting reasonable. In this regard, though, can still scanning tool to detect whether the system was set up reasonable, but the scan tool is basically just a system based on a default security policy comparison, for specific application environments and specialized applications It will be very difficult to judge the correctness of settings.
d) system in the area of security problems
The system is the back-traditional security tools difficult to take into account. Firewall is difficult to take into account the type of security issues, in most cases, these intrusions can legitimately through the firewall and difficult to detect; For example, the well-known ASP source issue in the IIS Server 4.0 has been previously exist, it is IIS services of a designer left the back door, no one can use the browser from the network to facilitate the transfer of the ASP program source code, which can collect information systems, which attack the system. For this type of invasion, the firewall can not be perceived as a firewall for example, the act of invasion and the normal course of the visit of the visit was similar to the Web, the only difference is that the invasion of the visit to link the request to add a suffix. 网络安全英文文献和中文翻译:http://www.751com.cn/fanyi/lunwen_30168.html