First, the concept of computer network security
The International Organization for Standardization defines "computer security" as "establishing and adopting technical and governance security protection of data processing systems, and protecting computer hardware and software data from accidental and malicious reasons". The above definitions of computer security include physical security and logical security. The content of logical security can be understood as what we often call information security, which refers to the protection of confidentiality, integrity and availability of information, while the meaning of network security is the extension of information security, that is, network security is the protection of confidentiality, integrity and availability of network information. The specific meaning of computer network security will change with the change of users. Different users have different understanding and requirements for network security. From the point of view of ordinary users, they may just want personal privacy or confidential information to be protected when transmitting on the network to avoid eavesdropping, tampering and forgery; In addition to the security of these network information, network providers should also consider how to deal with the destruction of network hardware caused by sudden natural disasters and military strikes, and how to restore network communication when the network is abnormal and maintain the continuity of network communication.
Network security essentially includes the hardware and software that constitute the network system, and the security of information transmitted on the network, so that it will not be destroyed by accidental or malicious attacks. Network security has both technical problems and governance problems, which complement each other and are indispensable. Man-made network intrusion and attack make network security face new challenges.
Second, the current situation of computer network security
Computer network security means that the hardware and software of the network system and the data in the system are protected from accidental or malicious reasons, and the system runs continuously, reliably and normally without interrupting network services. The complexity and diversity of computer and network technology make computer and network security a field that needs to be constantly updated and improved. At present, the attack methods of hackers have exceeded the types of computer viruses, and many attacks are fatal. On the internet, because the internet itself is not limited by time, space and region, whenever a new attack means is produced, it can spread all over the world within a week. These attacks use network and system vulnerabilities to attack, resulting in computer systems and network paralysis. Worms, backdoors, Rootkits, DOS and Sniffer are all familiar hacking methods. However, these attacks all showed their amazing strength, and today, they have intensified. Compared with the previous attack methods, these new variants are more intelligent, and the attack targets are directed at the Internet basic protocols and operating systems. From the control program of the Web program to the kernel-level Rootlets. Hackers' attack methods are constantly upgrading and renovating, constantly challenging users' information security prevention ability.
Three, computer network security precautions
1. Strengthen the safety awareness of internal network administrators and users. Many computer systems often use passwords to control access to system resources, which is one of the simplest and most economical methods in the anti-virus process. Network administrators and terminal operators choose different passwords according to their respective responsibilities and rights, and operate application data legally to prevent users from accessing data and using network resources beyond their authority.
On the network, the way of software installation and governance is very critical, which is not only related to the efficiency and quality of network maintenance and governance, but also related to network security. Good anti-virus software can be easily installed on every NT server in a company in a few minutes, and can be downloaded and distributed to all destination machines. It will be centrally set up and managed by the network administrator. It will be closely combined with the operating system and other security measures, become a part of network security governance, and automatically provide the best network virus defense measures. When a computer virus attacks the application of online resources, it exists in the network media of information sharing, so it is necessary to strengthen the gateway at the front end of the network and carry out antivirus.
2. Network firewall technology
It is an unconventional network interconnection device, which is used to strengthen the access control between networks, prevent external users from entering the intranet by illegal means, access the intranet resources and protect the intranet operating environment. It checks the data packets transmitted between two or more networks according to certain security policies (such as link mode) to decide whether to allow communication between networks, and monitor the running status of networks. Although the firewall is an effective means to protect the network from hacker attacks, it also has obvious shortcomings: it can't prevent attacks from other ways besides the firewall, it can't prevent threats from internal defectors and temporary users, it can't completely prevent the spread of infected software or files and it can't prevent data-driven attacks.
3. Security encryption technology
The emergence of encryption technology provides a guarantee for global e-commerce, thus making the electronic trading system based on the Internet possible. Therefore, in 2 1 century, perfect symmetric encryption and asymmetric encryption technologies are still the mainstream. Symmetric encryption is a traditional password-based technology, and the encryption operation and decryption operation use the same key. Asymmetric encryption means that the encryption key is different from the decryption key. The encryption key is public and can be used by anyone, while the decryption key is only known by the decryptor.
4. Operating system security and physical security measures of network hosts.
As the first line of defense of the network, firewall can't completely protect the internal network, so it must be combined with other measures to improve the security level of the system. Behind the firewall are operating system security and physical security measures based on network hosts. From low to high, it is physical security of host system, kernel security of operating system, system service security, application service security and file system security. At the same time, host security check, vulnerability repair and system backup security are adopted as auxiliary security measures. These constitute the second security line of the whole network system, mainly to prevent some from breaking through the firewall and attacking from the inside. System backup is the last line of defense of network system, which is used to recover the system after being attacked. After firewall and host security measures, it is an overall security check and response measures composed of system security audit, intrusion detection and emergency processor. It extracts network state information from firewall, network host and even directly from network link layer in network system, and provides it as input to intrusion detection subsystem. The intrusion detection subsystem judges whether there is an intrusion event according to certain rules, and if there is an intrusion, it starts emergency treatment measures and generates early warning information. Moreover, the security audit of the system can also be used as an information source to deal with the attack behavior and consequences and improve the security strategy of the system in the future.
In a word, network security is a comprehensive subject, involving technology, governance, use and many other aspects, including not only the security of information system itself, but also physical and logical technical measures. One technology can only solve one problem, but it cannot solve everything. Therefore, the establishment of a network security system with China characteristics needs the support of national policies and regulations and the joint research and development of the Group. Security and anti-security are like two contradictory aspects, always rising upwards, so the future security industry will also develop with the development of new technologies.
I hope to adopt it ~