Paper Keywords: computer network security countermeasures

In this paper, the problems existing in computer network security are deeply discussed, and the corresponding improvement and preventive measures are put forward.

With the rapid development of computer information construction, computers have been widely used in various fields of daily work and life, such as government agencies, schools, hospitals, communities and families. However, the security of computer network has been threatened as never before. Computer viruses are everywhere, hackers are rampant, and it is impossible to prevent them. This paper will aim at the problems existing in computer information network security and put forward corresponding security precautions.

1, technical countermeasures

In terms of technology, computer network security technology mainly includes real-time scanning technology, real-time monitoring technology, firewall, integrity detection and protection technology, virus situation analysis and reporting technology and system security management technology. Taken together, the following countermeasures can be taken at the technical level:

1) Establish a safety management system. Improve the technical quality and professional ethics of personnel including system administrators and users. For important departments and information, it is a simple and effective method to strictly check drugs and back up data in time.

2) Network access control. Access control is the main strategy of network security. Its main task is to ensure that network resources are not illegally used and accessed. It is one of the most important core strategies to ensure network security. Access control involves a wide range of technologies, including network access control, network authority control, directory level control and attribute control.

3) Backup and recovery of database. Database backup and recovery is an important operation for database administrators to maintain data security and integrity. Backup is the simplest and most unexpected way to restore the database. Recovery is the operation of using backup to recover data after an accident. There are three main backup strategies: only backing up databases, backing up databases and transaction logs, and incremental backup.

4) Apply cryptographic technology. The application of cryptographic technology is the core technology of information security, and cryptographic means provide a reliable guarantee for information security. Password-based digital signature and identity authentication is one of the most important methods to ensure information integrity at present. Cryptography mainly includes classical cryptography, single-key cryptography, public-key cryptography, digital signature and key management.

5) cut off the route of transmission. Thoroughly disinfect infected hard disks and computers, do not use USB flash drives and programs from unknown sources, and do not download suspicious network information at will.

6) Improve the anti-virus technical ability of the network. By installing a virus firewall, real-time filtering is carried out. Scan and monitor files in network servers frequently, use anti-virus cards on workstations, and strengthen the setting of network directories and file access rights. In a network, restrict files that can only be executed by the server.

7) Develop and improve a highly secure operating system. It is safer to develop an operating system with high security, which does not give a hotbed for virus breeding.

2. Management countermeasures

The security management of computer network depends not only on the security technology and preventive measures adopted, but also on the management measures adopted and the strength of implementing computer security protection laws and regulations. Only by combining them closely can computer network security be effective. Computer network security management includes safety education for computer users, establishing corresponding security management institutions, constantly improving and strengthening computer management functions, and strengthening legislation and law enforcement of computers and networks. Strengthening computer security management, strengthening users' laws, regulations and moral concepts, and improving computer users' safety awareness are very important measures to prevent computer crimes, resist hacker attacks and prevent computer virus interference.

This requires continuous legal education for computer users, including computer security law, computer crime law, secrecy law, data protection law and so on. , clear the rights and obligations that computer users and system administrators should perform, consciously abide by the principles of information system legality, user legality, information disclosure, information utilization and resource limitation, consciously fight against all illegal and criminal acts, and maintain the security of computers, network systems and information systems. In addition, computer users and all staff should be educated to consciously abide by various rules and regulations established to maintain system security, including personnel management system, operation and maintenance management system, computer processing control management system, various data management systems, computer room safety management system, special plane and strict division of labor management system.

3. Physical safety measures

In order to ensure the security and reliability of computer network system, it is necessary to ensure that the system entities have a safe physical environment. This security environment refers to the computer room and its facilities, mainly including the following contents:

1) Environmental conditions of computer system. The safe environmental conditions of computer system include temperature, humidity, air cleanliness, corrosion, pests, vibration and shock, electrical interference, etc. There should be specific requirements and strict standards.

2) Selection of the site environment of the computer room. It is very important to choose a suitable installation location for the computer system. It directly affects the security and reliability of the system. When choosing the location of the computer room, we should pay attention to its external environmental safety, geological reliability and anti-electromagnetic interference ability, avoid strong vibration sources and strong noise sources, and avoid being located at the top of the building and the lower floor or next door of water equipment. Also pay attention to the management of entrances and exits.

3) Safety protection of computer room. Computer room security protection is a security measure and countermeasure to prevent physical disasters in the environment and unauthorized individuals or groups from destroying, tampering or stealing network facilities and important data. In order to achieve regional security, we should first consider physical access control, identify the identity of access users and verify their legitimacy; Secondly, the activities of tourists must be restricted; Third, set up a multi-layer security protection circle outside the central equipment of the computer system to prevent illegal and violent intrusion; The building where the fourth equipment is located should have facilities to resist all kinds of natural disasters.

Computer network security is a complex system engineering, involving technology, equipment, management, system and many other factors, and the formulation of security solutions needs to be grasped as a whole. The network security solution is to integrate various computer network information system security technologies, including security operating system technology, firewall technology, virus protection technology, intrusion detection technology and security scanning technology, to form a complete and coordinated network security protection system. We must pay equal attention to management and technology, combine security technology with security measures, strengthen computer legislation and law enforcement, establish backup and recovery mechanisms, and formulate corresponding security standards. In addition, because computer viruses, computer crimes and other technologies know no national boundaries, it is necessary to carry out full international cooperation to deal with the increasingly rampant computer crimes and computer viruses.

References:

Zhang Qianli. New Technology of Network Security [M]. Beijing People's Posts and Telecommunications Press, 2003.

[2] Long Dongyang. Network security technology and application [M]. Guangzhou: South China University of Technology Press, 2006.

[3] Chang Jianping, Jin Huiyun, Lou Meizhi, Network Security and Computer Crime [M]. Beijing: China People's Public Security University Press, 2002.