Begging for a graduation thesis on computer networks for TV University...
Analysis of computer network security technology

Abstract: As computer networks penetrate every aspect of people's lives, their security becomes ever more important. With the rapid development of network technology, attacks are endless. Once an attack on a computer network succeeds, thousands of computers on that network can be paralysed, causing huge losses to their users. It is therefore urgent and necessary to study the security problems of today's computer networks seriously and to raise awareness of network security.

Keywords: security issues; related technologies; countermeasures

Although computer networks have brought great convenience, the diversity of connection forms, the uneven distribution of terminals and the openness and interconnection of the network make them vulnerable to attack by hackers and malicious software, so the security and confidentiality of online information is a crucial issue. Strengthening network security is a major problem that bears on the overall image and interests of enterprises. A large amount of enterprise information is now stored on the network, and many kinds of work depend on it more and more. Once network security fails, information can be lost, delayed, tampered with, added to, deleted, destroyed or stolen, bringing irreparable losses. For governments and many other organisations, strengthening network security bears even on national security, interests and development.

1 Several computer network security issues

1.1 Security of the TCP/IP protocol suite. TCP/IP is the protocol suite used almost universally in today's network environments. Internet technology hides the hardware details of the underlying networks and lets heterogeneous networks communicate with each other.
Because of this openness, TCP/IP carries security risks in itself: the classic protocols authenticate neither the source address of a packet nor its contents. Since a large number of important applications use TCP as their transport-layer protocol, weaknesses in TCP have serious consequences for the whole network.

1.2 Security of the network structure. The Internet is an internetworking technology: a huge network composed of countless local area networks. When a host communicates with a host in another LAN, the data stream between them is usually forwarded by many intermediate machines. On a shared-medium Ethernet the packets exchanged between any two nodes are received not only by the network cards of those two nodes but also by the network card of every other node on the same segment. An attacker who can reach any one node on such a segment and put its interface into promiscuous mode can therefore capture all the packets on that segment, unpack them and steal key information. (Switched Ethernet limits this exposure but does not remove it; see 3.2 and 3.3.) In addition, most data streams on the Internet are still not encrypted, so it is easy for an attacker with a sniffer to read e-mails, passwords and transferred files; this is an inherent security risk of the Internet.

1.3 Routers and other network devices. The main functions of a router are forwarding data and controlling how it is forwarded. As the key device between the intranet and the external network, strictly speaking every attack from outside must pass through the router; some typical attack methods exploit design defects of the router itself, while others are carried out directly on the router.

2 Related technologies of computer network security

The realisation of computer network security depends on a range of network security technologies. Technically, network security consists of several security components: a secure operating system, secure application systems, anti-virus, firewalls, intrusion detection, network monitoring, information auditing, communication encryption, disaster recovery, security scanning and so on.
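The interception risk described in 1.2 can be made concrete before turning to the countermeasures. The Go program below is an added example written for this page, not code from the original article. It parses one Ethernet II / IPv4 / TCP frame exactly as a network card in promiscuous mode on a shared segment would hand it to a sniffer, and pulls a cleartext FTP login out of the TCP payload. The header layout follows the standard protocols; the MAC and IP addresses, port numbers and credentials are constructed for the example.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
	"strings"
)

// Credential is what an eavesdropper recovers from one cleartext FTP control frame.
type Credential struct {
	SrcIP, DstIP     net.IP
	SrcPort, DstPort uint16
	Command, Value   string // e.g. "PASS", "hunter2"
}

// parseFrame walks Ethernet II -> IPv4 -> TCP, checking the length fields so a
// mangled frame cannot make the sniffer read past its buffer, and returns the
// TCP payload together with its addressing.
func parseFrame(frame []byte) (src, dst net.IP, sport, dport uint16, payload []byte, err error) {
	if len(frame) < 14 || binary.BigEndian.Uint16(frame[12:14]) != 0x0800 {
		err = errors.New("not an Ethernet II IPv4 frame")
		return
	}
	ip := frame[14:]
	if len(ip) < 20 || ip[0]>>4 != 4 {
		err = errors.New("bad IPv4 header")
		return
	}
	ihl := int(ip[0]&0x0f) * 4
	total := int(binary.BigEndian.Uint16(ip[2:4]))
	if ihl < 20 || total < ihl+20 || total > len(ip) || ip[9] != 6 { // protocol 6 = TCP
		err = errors.New("bad IPv4 length or not TCP")
		return
	}
	tcp := ip[ihl:total]
	doff := int(tcp[12]>>4) * 4
	if doff < 20 || doff > len(tcp) {
		err = errors.New("bad TCP data offset")
		return
	}
	src, dst = net.IP(ip[12:16]), net.IP(ip[16:20])
	sport, dport = binary.BigEndian.Uint16(tcp[0:2]), binary.BigEndian.Uint16(tcp[2:4])
	payload = tcp[doff:]
	return
}

// ExtractFTPLogin returns the USER or PASS command carried by a frame on the
// FTP control port (21), nil if the frame carries no such credential, or an
// error if the frame does not parse.
func ExtractFTPLogin(frame []byte) (*Credential, error) {
	src, dst, sport, dport, payload, err := parseFrame(frame)
	if err != nil {
		return nil, err
	}
	if sport != 21 && dport != 21 {
		return nil, nil
	}
	for _, line := range strings.Split(string(payload), "\r\n") {
		for _, cmd := range []string{"USER ", "PASS "} {
			if strings.HasPrefix(line, cmd) {
				return &Credential{SrcIP: src, DstIP: dst, SrcPort: sport, DstPort: dport,
					Command: strings.TrimSpace(cmd), Value: line[len(cmd):]}, nil
			}
		}
	}
	return nil, nil
}

// BuildFrame constructs an Ethernet II / IPv4 / TCP frame around payload with
// the checksums left at zero: a sniffer never needs them to read the data.
func BuildFrame(src, dst net.IP, sport, dport uint16, payload []byte) []byte {
	frame := []byte{
		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, // dst MAC (constructed)
		0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, // src MAC (constructed)
		0x08, 0x00, // EtherType IPv4
	}
	ip := make([]byte, 20)
	ip[0] = 0x45 // version 4, IHL 5 words
	binary.BigEndian.PutUint16(ip[2:4], uint16(40+len(payload)))
	ip[8], ip[9] = 64, 6 // TTL, protocol TCP
	copy(ip[12:16], src.To4())
	copy(ip[16:20], dst.To4())
	tcp := make([]byte, 20)
	binary.BigEndian.PutUint16(tcp[0:2], sport)
	binary.BigEndian.PutUint16(tcp[2:4], dport)
	tcp[12], tcp[13] = 0x50, 0x18 // data offset 5 words; flags PSH|ACK
	frame = append(frame, ip...)
	frame = append(frame, tcp...)
	return append(frame, payload...)
}

// SampleLogin is a constructed frame from client 192.0.2.10 to an FTP server
// at 192.0.2.20 (documentation addresses, not a real capture).
func SampleLogin(payload string, dport uint16) []byte {
	return BuildFrame(net.ParseIP("192.0.2.10"), net.ParseIP("192.0.2.20"), 40123, dport, []byte(payload))
}

func main() {
	cred, err := ExtractFTPLogin(SampleLogin("PASS hunter2\r\n", 21))
	if err != nil || cred == nil {
		fmt.Println("nothing recovered:", err)
		return
	}
	fmt.Printf("%s:%d -> %s:%d  %s %q\n", cred.SrcIP, cred.SrcPort, cred.DstIP, cred.DstPort, cred.Command, cred.Value)
}
```

Nothing in the frame stands in the way: the IP and TCP checksums exist to catch accidental corruption, not to protect the data, and the parser never needs them. On a shared segment the only defence that works is for the application not to send the secret in the clear, which is what the encryption techniques in 2.2 provide.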
No single component can guarantee the security of an information network. At present the mature network security technologies are mainly firewall technology, data encryption technology, intrusion detection technology and anti-virus technology.

2.1 Firewall technology. A firewall is a system built, with appropriate technology, around the protected network to isolate it from external networks. On the one hand it prevents outsiders from accessing internal network resources illegally; on the other hand it prevents internal systems from making unsafe connections to external systems. The main techniques used to build firewalls are packet filtering, application-layer gateways, proxy services and address translation.

2.2 Data encryption technology. From the point of view of cryptography, encryption technology is divided into symmetric-key cryptography and asymmetric-key (public-key) cryptography. A symmetric-key cryptosystem uses the same key for encryption and decryption, so the two parties must first agree on a session key. The session key is usually exchanged by the digital envelope method: the sender encrypts the session key with the recipient's public key and transmits it, and the recipient recovers the session key with its own private key. In asymmetric-key cryptography encryption and decryption use different keys, a public key and a private key that form a single pair, and it is computationally infeasible to derive the private key from the public key. Asymmetric-key cryptography is widely used for data encryption, identity authentication, access control, digital signatures, data integrity verification, copyright protection and other purposes.

2.3 Intrusion detection technology.
Intrusion detection systems fall into two categories, network-based and host-based. A network-based intrusion detection system mainly collects data passively from the network. Host-based intrusion detection systems are now widely used in practice: the monitor is inserted directly into the monitored server as a software module. Besides offering, for the host it protects, most of the functions and advantages of a network-based system, it targets the host and its internal information directly, and it is not affected by network protocol, line rate or encryption, because it sees data after the host has decrypted it. It can also detect Trojan horses, monitor specific users and watch for behaviour changes caused by misoperation, which a network-based system cannot do.

2.4 Anti-virus technology. With the continuous development of computer technology, viruses have become more complex and advanced and spread faster and faster, posing a great threat to computer network systems. Anti-virus software, the most widely used form of virus prevention, falls into two categories: network anti-virus software and stand-alone anti-virus software. Stand-alone anti-virus software is installed on a single PC and performs what is called "single-machine" virus protection: it analyses and scans the local workstation's own resources, and any remote resources mounted on it, detecting and removing viruses. Network anti-virus software is based on protecting the network as a whole: once a virus enters the network or infects other resources from the network, the network anti-virus software detects and removes it immediately.

3 Several suggested security countermeasures

3.1 Network segmentation. Network segmentation is usually regarded as the basic means of controlling broadcast storms, but it is also an important measure for network security.
Its purpose is to isolate unauthorised users from sensitive network resources and so prevent illegal interception.

3.2 Switching hubs. Even after the LAN has been segmented by replacing the shared central hub with a central switch, the danger of Ethernet interception still exists. End users usually connect through branch hubs rather than the central switch, and the most widely used branch hubs are shared hubs. When a user communicates with a host, the packets between the two machines can still be intercepted by other users on the same hub. A switching hub (a switch) should therefore be used instead of a shared hub, so that unicast packets travel only between the two nodes concerned and cannot be intercepted by a third.

3.3 VLAN division. To overcome the broadcast problem of Ethernet, VLAN technology can be used in addition to the above methods, turning Ethernet communication into point-to-point communication and preventing most intrusions based on network interception. In a centralised network environment all the central host systems are usually placed in one VLAN, and no user nodes are allowed in that VLAN, so that sensitive host resources are better protected. In a distributed network environment VLANs can be divided by institution or department: all the servers and user nodes of each department sit in their own VLAN and do not interfere with one another. Connections within a VLAN are switched, while connections between VLANs are routed.

Of course, computer network security requires not only a good network security design but also a sound security organisation and management system to guarantee it. A complete security management organisation must be established, strict security rules formulated, and security managers designated to monitor and manage the whole computer system strictly at all times.
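The digital envelope described in 2.2, as an added Go example using only the standard library (not code from the original article): the sender generates a random session key, encrypts the message with it under AES-GCM and seals the session key with the recipient's RSA public key; the recipient unseals the session key with its private key and decrypts. The key sizes, the message text and the choice of RSA-OAEP and AES-GCM are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what travels over the network: the session key sealed with the
// recipient's public key, plus the message encrypted under that session key.
type Envelope struct {
	SealedKey  []byte // RSA-OAEP(recipient public key, session key)
	Nonce      []byte // AES-GCM nonce, fresh for every message
	Ciphertext []byte // AES-GCM(session key, message), authentication tag appended
}

// NewRecipientKey makes the recipient's key pair (2048-bit RSA, an assumption
// for this example). In practice it is generated once and only the public
// half is distributed to senders.
func NewRecipientKey() *rsa.PrivateKey {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return priv
}

// Seal is the sender's side. A fresh 256-bit session key encrypts the message
// (symmetric, fast, any length); only the short session key goes through RSA.
func Seal(recipient *rsa.PublicKey, message []byte) (*Envelope, error) {
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, message, nil)
	sealed, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{SealedKey: sealed, Nonce: nonce, Ciphertext: ct}, nil
}

// Open is the recipient's side. Only the holder of the private key recovers the
// session key, and GCM rejects any ciphertext that was modified in transit.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.SealedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	priv := NewRecipientKey()
	env, err := Seal(&priv.PublicKey, []byte("transfer 100 to account 42")) // constructed message
	if err != nil {
		panic(err)
	}
	pt, err := Open(priv, env)
	fmt.Printf("recovered: %q (err=%v)\n", pt, err)
	env.Ciphertext[0] ^= 1 // flip one bit in transit: authentication fails
	_, err = Open(priv, env)
	fmt.Println("after tampering:", err)
}
```

The split in the envelope is not just for speed: RSA can only encrypt a message shorter than its modulus, so the bulk data must go under a symmetric key in any case. Using an authenticated mode for that symmetric layer is what turns "the attacker cannot read it" into "the attacker cannot change it unnoticed either".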
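A small host-based detector of the kind described in 2.3, as an added example written for this page (not from the original article): it reads sshd lines from the host's own authentication log, the vantage point a network-based sensor loses once the session is encrypted, and raises an alert when one source fails repeatedly inside a time window or succeeds right after failing. The log lines, host name, addresses, threshold and window are constructed for the example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
	"time"
)

// SampleLog is a constructed excerpt of an sshd authentication log on the
// monitored host (not a real capture; addresses are documentation ranges).
const SampleLog = `Jan 12 10:00:01 web1 sshd[2101]: Failed password for root from 203.0.113.5 port 51234 ssh2
Jan 12 10:00:03 web1 sshd[2103]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Jan 12 10:00:04 web1 sshd[2105]: Failed password for root from 203.0.113.5 port 51244 ssh2
Jan 12 10:00:06 web1 sshd[2107]: Failed password for root from 203.0.113.5 port 51250 ssh2
Jan 12 10:00:09 web1 sshd[2109]: Accepted password for root from 203.0.113.5 port 51260 ssh2
Jan 12 10:05:00 web1 sshd[2201]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Jan 12 10:15:00 web1 sshd[2301]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2`

// lineRE captures timestamp, outcome, user and source address of one sshd line.
var lineRE = regexp.MustCompile(`^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (Failed|Accepted) (?:password|publickey) for (?:invalid user )?(\S+) from (\S+) port \d+`)

type Alert struct {
	Source string
	Kind   string // "brute-force" or "success-after-failures"
	At     time.Time
}

// Detect keeps per-source state and applies two rules: threshold failures from
// one source inside window raise a single brute-force alert; a successful
// login from a source that failed inside the window raises a second, more
// serious alert, because a guessed password may have worked.
func Detect(log string, threshold int, window time.Duration) []Alert {
	type state struct {
		failures []time.Time
		alerted  bool
	}
	sources := map[string]*state{}
	var alerts []Alert
	for _, line := range strings.Split(log, "\n") {
		m := lineRE.FindStringSubmatch(line)
		if m == nil {
			continue // not an authentication event this rule set understands
		}
		at, err := time.Parse("Jan _2 15:04:05", m[1]) // syslog stamps carry no year
		if err != nil {
			continue
		}
		src := m[4]
		st := sources[src]
		if st == nil {
			st = &state{}
			sources[src] = st
		}
		recent := st.failures[:0] // forget failures older than the window
		for _, f := range st.failures {
			if at.Sub(f) <= window {
				recent = append(recent, f)
			}
		}
		st.failures = recent
		switch m[2] {
		case "Failed":
			st.failures = append(st.failures, at)
			if len(st.failures) >= threshold && !st.alerted {
				alerts = append(alerts, Alert{src, "brute-force", at})
				st.alerted = true
			}
		case "Accepted":
			if len(st.failures) > 0 {
				alerts = append(alerts, Alert{src, "success-after-failures", at})
			}
			st.failures, st.alerted = nil, false
		}
	}
	return alerts
}

func main() {
	for _, a := range Detect(SampleLog, 3, 5*time.Minute) {
		fmt.Printf("%-22s %s at %s\n", a.Kind, a.Source, a.At.Format("15:04:05"))
	}
}
```

With a threshold of 3 and a 5-minute window the sample produces two alerts for 203.0.113.5 and none for 198.51.100.7, whose single failure has aged out by the time it logs in. The window is the tuning knob: widen it and the second source is flagged too, so a real deployment pairs such rules with knowledge of the host's normal traffic.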
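The interception risk of 1.2 and the countermeasures of 3.2 and 3.3 in one added Go example (a simulation written for this page, not code from the original article): the same three-frame login exchange is replayed through a shared hub, a plain switch and a VLAN-aware switch, and the program reports which frames reach an eavesdropper's port. The MAC addresses, port numbers and VLAN ids are constructed; the forwarding rules are the standard ones (hubs repeat everything, switches learn source addresses and flood unknown destinations, VLANs confine flooding).

```go
package main

import (
	"fmt"
	"sort"
)

const (
	clientMAC = "02:00:00:00:00:01" // constructed, locally administered addresses
	serverMAC = "02:00:00:00:00:02"
	broadcast = "ff:ff:ff:ff:ff:ff"
)

// Frame carries only what a forwarding decision needs.
type Frame struct{ Src, Dst string }

// Device models a shared hub (Switched=false), a plain switch, or a
// VLAN-aware switch. Each port has one station attached and one VLAN id.
type Device struct {
	Switched bool
	VLANs    bool
	portVLAN map[int]int    // port -> VLAN id
	macTable map[string]int // learned source addresses: MAC -> port
}

func NewDevice(switched, vlans bool) *Device {
	return &Device{Switched: switched, VLANs: vlans, portVLAN: map[int]int{}, macTable: map[string]int{}}
}

func (d *Device) Attach(port, vlan int) { d.portVLAN[port] = vlan }

func (d *Device) sameVLAN(a, b int) bool {
	return !d.VLANs || d.portVLAN[a] == d.portVLAN[b]
}

// Deliver returns the ports, other than ingress, that receive the frame.
// A hub repeats everything. A switch learns the source port and forwards a
// known unicast to that port only, but still floods broadcasts and unknown
// destinations. VLANs confine any flooding to the ingress port's VLAN.
func (d *Device) Deliver(ingress int, f Frame) []int {
	if d.Switched {
		d.macTable[f.Src] = ingress
		if p, known := d.macTable[f.Dst]; known && f.Dst != broadcast {
			if p != ingress && d.sameVLAN(ingress, p) {
				return []int{p}
			}
			return nil
		}
	}
	var out []int
	for p := range d.portVLAN {
		if p != ingress && d.sameVLAN(ingress, p) {
			out = append(out, p)
		}
	}
	sort.Ints(out)
	return out
}

// Exchange replays a three-frame FTP login (USER, 331 reply, PASS) with the
// client on port 1, the server on port 2 and an eavesdropper on port 3, and
// returns the names of the frames that reached the eavesdropper's port.
func Exchange(d *Device) []string {
	steps := []struct {
		name    string
		ingress int
		f       Frame
	}{
		{"client->server USER", 1, Frame{clientMAC, serverMAC}},
		{"server->client 331", 2, Frame{serverMAC, clientMAC}},
		{"client->server PASS", 1, Frame{clientMAC, serverMAC}},
	}
	var seen []string
	for _, s := range steps {
		for _, p := range d.Deliver(s.ingress, s.f) {
			if p == 3 {
				seen = append(seen, s.name)
			}
		}
	}
	return seen
}

// Topology attaches client and server to VLAN 10 and the eavesdropper to snoopVLAN.
func Topology(switched, vlans bool, snoopVLAN int) *Device {
	d := NewDevice(switched, vlans)
	d.Attach(1, 10)
	d.Attach(2, 10)
	d.Attach(3, snoopVLAN)
	return d
}

func main() {
	fmt.Println("shared hub:     ", Exchange(Topology(false, false, 10)))
	fmt.Println("switch:         ", Exchange(Topology(true, false, 10)))
	fmt.Println("switch + VLANs: ", Exchange(Topology(true, true, 20)))
}
```

The hub hands the eavesdropper all three frames, which is the situation 1.2 describes. The switch still leaks the first frame, because it has not yet learned which port the server is on and floods the unknown unicast; only once both stations have been learned is the PASS frame delivered to port 2 alone. That flooding window is the caveat behind 3.2: a switch on its own narrows the exposure rather than closing it, and an attacker who fills the MAC table can push it back into flooding. Putting the eavesdropper in another VLAN, as 3.3 recommends, keeps even the flooded frame away from its port, and encryption (2.2) remains the only protection against a node that is legitimately on the same VLAN.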