纯英文班论文.doc

Computer network security and to guard against Abstract: When mankind entered the 21st century information society, the network society of the time, China will establish a complete set of network security system, especially from the policy and law to establish Chinas own characteristics, network security system. Key words: computer; network; security; prevent In the information age, information can help groups or individuals so that they benefit from, the same information can also be used to pose a threat to them, caused damage. Therefore network security, including the composition of network hardware, software and network transmission of information security, so that they do not because of accidental or malicious destruction of the attacks, network security not only the technical aspects, but also management issues, both complement each other, are indispensable. First, the concept of computer network security International Organization for Standardization of computer security is defined as: To establish a data processing system and the adoption of technology and management of security protection, the protection of computer hardware, software, data is not due to accidental and malicious destruction of reasons, change and leakage. The above definition of computer security includes physical security and logical security of both the contents of the contents of the logic of security could be understood as we often say that the information security, information refers to the confidentiality, integrity and availability of protection, and network security Information security is the meaning of the extension, that network security is a network of information confidentiality, integrity and availability protection. Computer network security as the specific meaning of the user changes, the user is different on the network security awareness and requirements will be different. From the ordinary users point of view, could only hope that personal privacy or confidential information transmission on the network be protected against eavesdropping, tampering and forgery; and network provider in addition to care about these network information security, we must also consider how to deal with sudden natural disasters, such as military strikes against the destruction of network hardware, as well as unusual in the network how to restore network communications, and maintain the continuity of network communications. In essence, the network security, including the composition of network hardware, software and network transmission of information security, so that they do not because of accidental or malicious attacks on the destruction of both the technical aspects of network security issues, there are management issues, the two sides complement each other, are indispensable. Man-made network intrusion and attacks makes network security is facing new challenges. Second, computer network security status quo Computer network security is the network hardware, software and data systems are protected from accidental or malicious destruction of reasons, alteration, disclosure, the system continuous, reliable, normal operation of network services without disruption. Computer and network technology has the complexity and diversity, makes computer and network security has become a need to continue to update and improve the area. At present, hackers method has been more than the type of computer virus, and many attacks are fatal. In the Internet network, because the Internet does not have the time and geographical constraints, whenever there is a means to generate new attacks, we can in a week around the world, these attacks means the use of network and system vulnerabilities to attack computer systems and resulting in network paralysis. Worms, backdoor (Back-doors), Rootkits, DOS (DenialofServices) and Sniffer (network monitor) is a familiar means of several hacker attacks. However, none of these attacks means they reflect the astonishing power of today become worse. These types of attacks means the new variant, with previous attacks appeared methods, more intelligent, targeted against Internet-based protocols and operating system level. From the Web process control procedures to the kernel-level Rootlets. Hackers practices escalating renovation, to the users ability to guard against information security challenge. Third, computer network security precautions 1, to strengthen the internal network management and the use of safety awareness among staff, many computer systems commonly used passwords to control access to system resources, which is anti-virus process, the most vulnerable and the most economical methods. Network administrator and terminal operator privileges in accordance with their responsibilities, choose a different password for the application data legitimate operation, to prevent unauthorized users to access the data and the use of network resources. On the network, software installation and management is crucial, it is not only related to network maintenance and management efficiency and quality, but also to the network security. A good antivirus software can be easily installed within minutes to the organization each NT server can also be downloaded and spread to all the purpose of the machine by the network administrator set up and manage to focus, it will work with the operating system and other security is closely linked to become a part of network security management, and automatically provide the best network virus defensive measures. When the computer virus on-line resources applications attack, such as the virus exists in the information-sharing network of media, it is necessary to the security at the gateway, on the network front-end for antivirus. 2, network firewall technology Is a kind of used to strengthen the network access control to prevent the external network users to illegal means to enter the external network through the internal network, access internal network resources and protect the internal network operating environment special for Network Interconnection Devices. It is between two or more networks such as packet transmission link in accordance with a certain degree of security strategy to implement the inspection, to determine whether the network communication between are allowed to, and monitor the network running. Although the firewall is to protect the network from an effective means of hacking, but there are obviously inadequate: through the firewall can not protect against outside attack other means, can not prevent defectors from the inside and inadvertent threats posed by users, but also can not completely prevent the transmission of the virus have been infected with the software or documents, and can not protect against data-driven attacks. 3, security encryption technology Encryption technology for the global e-commerce to provide a guarantee, so that Internet-based electronic trading system has become possible, thus improving the symmetric encryption and asymmetric encryption technology is still the mainstream of the 21st century. Symmetric encryption to the conventional password-based technology, computing encryption and decryption operations use the same key. Asymmetric encryption, encryption key that is different from the decryption key, encryption keys are made public, anyone can use, only the decryption key to decrypt people know. 4, the network host operating system security and physical security measures Network firewall as the first line of defense and can not fully protect the internal network, must be combined with other measures to improve the safety of the system level. After the firewall is based on the network host operating system security and physical security measures. In accordance with the level from low to high, namely, the physical security of the host system, the core operating system security, system security, application services security and file system security; At the same time, host security checks and bug fixes, as well as a backup safety system as a supplementary safety measures. These constitute the entire network system, the second line of defense, the main part of a breakthrough to prevent the firewall as well as attacks from within. System backup is the last line of defense network system, used to attack after the System Restore. The firewall and host security measures is the overall system security by auditing, intrusion detection and response processor constitute the overall safety inspection and response measures. It from the network system firewall, network host or even directly from the network link layer on the extraction of network status information, as input to the intrusion detection subsystem. Intrusion Detection System in accordance with certain rules to determine whether there is any invasion of the incident, if the invasion occurred, the emergency treatment measures, and generate a warning message. Moreover, the systems security audit also can be used as the future consequences of aggressive behavior and to deal with security policy on the system to improve sources of information. In short, network security is a comprehensive issue, involving technology, management, use and many other aspects, including both its own information system security issues, there are physical and logical technical measures, a kind of technology can only