计算机网络Research on Computer Network Security and Prevention Strategy

1、Research on Computer Network Security and Prevention StrategyKeywords: Computer network; network security; technology prevention; safety strategyAbstract: With the development and popularization of the computer network, the security problem has increasingly become the focus of common concern. The co

2、mputer network safety problems mainly include: protocol design issues, awareness, management system and technical operation. Hackers on the computer network attack techniques: Deceptive attack, masquerade attacks, vulnerability attack, covert attack and technical attack. Accordingly, we should take

3、the corresponding safety countermeasures: strengthen network security education, using the network protection technology, detection technology and anti-virus technology. This paper mainly analyzes the defects and the security problems of computer network, discusses about the maintenance of computer

4、network security and the way for computer network attack technology defense strategy.0 IntroductionsComputer network technology has become an indispensable part of modern life, its application changed the traditional way of life and works, greatly improves the work efficiency, which is a great chang

5、e in history of mankind. However, the computer network technology also hidden loopholes and many security problems bring us convenient at the same time, some lawless elements through computer network fraud, cyber crimes have occurred from time to time, these problems will bring great threat to human

6、 life. So we need a computer network environment, which use the advanced computer network technology to build a safe, reliable.1 Unsafe factors existing in computer networkComputer network security problems ensure that the information safety in the network environment of storage, transmission, proce

7、ss. The safety of computer network provides the guarantee for the realization of network efficient, fast operation and transportation. Therefore, research on the calculation of network security technology is first to clear understanding to the unsafe factors existing in computer network are main pro

8、blems in recent years, integrated computer network security appears, on the unsafe factors in network system existence mainly conclude the following aspects.1.1 The security of operating systemAt present, most of the operating system of computer application has many loopholes, because the operating

9、system is designed by people, it is very difficult to achieve the perfect. But the operating system is the basic safeguard for a computer information security, if the operating system can not basis security role, and other security measures can not be achieved due to the defensive effect, such as fi

10、rewall, if the firewall is installed in the operating system the existence of loopholes, the firewall is likely to be loopholes in the system to ignore, dont play to resist external disturbance function. Therefore, the unsafe factors of the operating system itself generate a threat to the security o

11、f computer network.1.2 Firewall securityNow due to the design of computer products are not perfect, so all users install firewall on the market itself there are many unsafe factors, such as the most common problem of firewall products in the application is the single point of failure and the bottlen

12、eck problem. Firewall as the first line of defense to defense against unauthorized intrusion into the computer, which itself is safe, the configuration is consistent with the standards, for the normal software is rejected, and these are the problems to be solved security firewall.1.3 Virus attackIn

13、a computer network, virus spread and transform in new development stage, we can not fundamentally eliminate it, cant count on the defense system against its existing for a long time. Therefore, if we truly want to resist the invasion of computer virus, requires the installation of the operating syst

14、em security and efficient detection and prevention system.1.4 Application of network protocolNetwork protocol called TCP/IP protocol, mainly used in large-scale network systems, because the TCP/IP network protocol is not designed for communication security design, so it has many unsafe factors from

15、network threats, such as loss of data, authentication etc. Therefore, the system flaw of TCP/IP protocol is a very serious problem in computer network security.2 Attack techniques of hackers on the computer networkBecause of the Internet itself without time and geographical restrictions, so hackers

16、can be an easy job to all levels of network intrusion. At present, the hackers on the computer network attack techniques have five methods. 2.1 Deceptive attackBecause the computer network is designed to share resources that determine its open characteristics, it easy causes data tampering and delet

17、ion, low data security. Such as phishing is a deceptive attack tactics, fishing tool is by sending spam claiming deceptive from some institutions, intention luring the addressee is sensitive information, such as a user name, password attacks, account ID, ATMPIN code or credit card details. The most

18、commonly used technique is sensitive data as some real website to deceive users. Phishing in the past to large or well-known Web site, but due to the large and famous website rapid response, security features and provides enhanced, so, hackers are increasingly targeting smaller sites.2.2 Masquerade

19、attacksHackers often use computer software to camouflage IP packet, put their own play into the host address trust, conversation and the target host, once pretending to be successful, you can come straight to the point, and carry out attacks in the target host is unknown circumstances; hackers also

20、forged IP address, routing entries, DNS analytic address, so that by the attack server unable to distinguish between these requests or unable to respond to these requests, thereby causing buffer blocking or crash; hackers can also through the LAN IP address of a machine set as the network address, r

21、esulting in data packets in the network can not be normal forwarding and make a network paralysis.2.3 Vulnerability attackTalked about earlier, security protocol design problem, using the computer network awareness, management system and technical operation, that may create loopholes, such as bounda

22、ry conditions, a function pointer and other software design improper or lack of restraint, resulting in the address space error; software system without treatment for certain types of packets or request in operation, abnormal etc. The hacker is by these loopholes gap, the operating system of certain

23、 service open port engine buffer overflow attack.2.4 Covert attackCovert attack is carried out by means of Trojan virus. Trojan horse is a hacker tools based on remote control, the attack is hidden, often the user not aware. Once the hackers will Trojan program successfully implanted into the target

24、 host, computer hackers have become the control of the puppet master, and hackers became super user. Trojan program can be used to collect important information in the system, such as the password, account number, password. Hackers can also remote control host attack on other hosts, such as DDOS att

25、acks are among the puppet master received the order to attack, at the same time to the target to send a large number of the service request packet.2.5 Technical attackTechnical attacks are that hackers use sniffer and scan attack. Sniffer is a technology that use computer network interface intercept

26、ed the destination data of other computers. Network sniffer illegally obtained important information of user name, password by passively listening to network communication, data analysis. Passive and non interfering its threat to the network security from the network, to information leakage and not

27、easy to be found. While scanning be aimed as vulnerabilities, traversal search behavior on network. Because of the existence of loopholes, useful information so scanning tools can often concealed detecting other host, as a prelude to the next attack.3 Security strategy of computer network According

28、to the common security problems in computer networks and hackers on the computer network attack techniques, we must take corresponding safety measures.3.1 To improve the network security educationComputer network security is a process, involving management, technology and application the three aspec

29、ts. Specific operators at all levels is people, and people is the weakest link in network security, so we have to strengthen the safety technology training network, strengthen the safety consciousness, improve the overall quality of the three aspects of personnel. First, strengthen the network knowl

30、edge training; make the relevant personnel to master certain network knowledge, master the IP address configuration, data sharing and other basic knowledge of the network, set up the good habit of using computer. Secondly, to strengthen the safety and technical training make relevant personnel to ma

31、ster the safety technique, to guarantee the data safe and reliable information. Thirdly, strengthen security awareness training, let the staff know the importance of the three aspects of information security, information security assurance data is the common responsibility of all staff.3.2 Applicati

32、on of network protection technology The starting point of network protection technology is first divided into clear the edge of the network, and then checks the information by using various control methods through on the network boundary; stop does not conform to the provisions of the information, i

33、n order to prevent hackers on the internet. Network protection technology mainly has: (1) Firewall. A firewall is a kind of used to strengthen the network access control, external network users to prevent illegally through the external network access to the internal network, access to internal cyber

34、 source, with special network interconnection equipment to protect the internal network operating environment. We used a packet filtering firewall technology, state detection technology, application gateway technology. Packet filtering technology implementation selecting the packet in the network la

35、yer; state detection technology is the state detection mechanism for connectivity, will belong to the same connected all the package as a whole data flow, a link state table, by rule table and state table together with, each in the table the connection status factors are identified, it is relative t

36、o the packet filtering technology, more flexibility and security; application gateway technology using a running special communication data security check software workstation connected to the protected network and other network, aimed at specific details hidden protection network, host and data pro

37、tection, though firewall is an effective means to protect network security at present, but could not prevent the firewall other than the way the attacks, not prevent defections from within and without the threat of heart of the user, can not completely prevent transmission of the virus has infected

38、software or documents, also cannot guard against data-driven attacks.(2) The anti wall. Antivirus wall is located at the entrance to the network, network security equipment for filtering the network transmission of the virus. The firewall can legally connected on the network data flow analysis, and

39、the virus data sent from allowing the connected computer flow but incapable of action, because it cannot recognize the legitimate data whether the presence of virus in the package. Antivirus wall is to overcome the firewall flaw, it uses the signature of virus in the gateway, prevent network worms (

40、Word) and corpse network (BOT) expansion.(3) Virtual Private Network (VPN). VPN is a virtual sub networks that take physical distribution in different locations of the network connection through the public network to logical network. It can help different users and internal network and establish a s

41、ecure connection and credible, and to ensure the security of data transmission. In order to ensure the information security, VPN technology uses the authentication, access control, confidentiality and other measures, to prevent information leakage, tampering and copying.3.3 The network detection tec

42、hnology Network detection technology is protected by monitoring the situation and the activities of the system to identify the computer system and network system attack, including the detection of illegal intruders malicious attacks or testing, and beyond the internal legal privileges of the users i

43、llegal activities.(1) Intrusion detection: Intrusion detection analyze them, to find whether there is a breach of security strategy and the signs of attack based on the number of key points to collect information of computer network or computer system, and, and the system for safety and prevention.

44、Intrusion detection system consists of intrusion detection software and hardware, the main functions are: first, the detection and analysis of user and system activities; second, check the system configuration and operating system log; third, find bugs and statistical analysis of abnormal behavior.(

45、2) Intrusion prevention. Intrusion prevention system is a kind of intrusion active protection system. It is a new technology of network security based on intrusion detection systems found on. If the network was what attack passively detect intrusion detection system can only, and block the attack ab

46、ility is limited, so, intrusion prevention system to detect attack attempts in the network of import and export office, will automatically attack packets lost or take measures to block the attack source. You can think of intrusion prevention system is the firewall and intrusion detection system, but

47、 is not to say that the intrusion prevention system can replace the firewall and intrusion detection system. (3) Vulnerability scanning. Vulnerability scanning technology is an important active security technology. It is mainly to check whether the target host loopholes through the following two way

48、s. First, know the target host open ports on the network services in the port scanning, match these related information and network vulnerability scanning system vulnerability database, see if there are loopholes satisfy matching conditions; second, by simulating the hacker attacks, the target host

49、system for aggressive security vulnerability scanning, such as test weak password, if a simulated attack success, indicates that the target host system security vulnerabilities.3.4 The use of anti virus technologyA computer virus can cause the computer failure, destruction of documents and data, to seize the system cyber source, infect other programs, to plug the network or the system paralysis. Especially, threatening and destructive computer virus is more incalculable in