Network security handwritten newspaper stick figure

First, cyber attacks.

1. Attacks on the network can be roughly divided into two categories: service supply and non-service attacks. Attacks can be divided into eight categories: system intrusion attack, buffer overflow attack, deception attack, denial of service attack, firewall attack, virus attack, Trojan horse attack and backdoor attack.

2. Application Dependent Attrack refers to an attack on a server that provides a certain service for the network, resulting in "denial of service" of the server and abnormal network work. At track's denial-of-service attack has the following effects: consuming bandwidth, consuming computing resources, and crashing systems and applications. , which prevents legitimate users of a service from accessing the services they have access to.

3. Application-independent Attrack is not aimed at specific application devices, but at the underlying protocols such as the network layer. This kind of attack often uses the loopholes in the protocol and operating system to achieve the purpose of the attack, which is a more hidden and dangerous attack means.

Second, information security.

Information security in 1. network mainly includes two aspects: information storage security and information transmission security.

2. Information storage security refers to how to ensure that information statically stored in networked computers will not be illegally used by unauthorized network users.

3. Information transmission security refers to how to ensure that information is not leaked and attacked during network transmission.

The main threats to information transmission security are: intercepting information, tampering with information and forging information.

The main technologies to ensure the information security of network system are data encryption and decryption.

Third, the problem of preventing denial.

Rejection prevention refers to how to prevent users of information sources from not acknowledging the information they sent afterwards, or not acknowledging the account after receiving the information. Authentication, digital signature, digital envelope and third-party confirmation are needed to ensure the legality of network information transmission and prevent denial.

Fourth, the internal security of the network

We sometimes hear the news that a company's customer information was leaked, and it was found that it was caused by a retired employee of the company's background theft. Security protection within the network refers to how to prevent users with legal status from intentionally or unintentionally revealing behaviors harmful to network and information security. To solve the unsafe factors in the network, we must start from two aspects: on the one hand, we can monitor the running state of the network and the working state of users at any time through network management software, and record and audit the use state of extremely important network resources (hosts, databases, disks, etc.). ); On the other hand, it is to standardize and improve the network use and management system and strengthen user training and management.

Verb (abbreviation of verb) network antivirus

At present, viruses can be roughly divided into six categories: boot virus, executable file virus, macro virus, mixed virus, Trojan virus and network language virus. Network antivirus needs to be solved from two aspects: antivirus technology and user management.

Six, network data backup and disaster recovery

No matter how powerful the enterprise is, it can't avoid network disaster. Some are avoidable disasters (such as administrators mistakenly deleting data), and some are inevitable disasters, such as unexpected power failure and line damage. Alipay and WeChat also had several downtime last year. Therefore, network data backup and disaster recovery are extremely important.