Computer network security and to guard againstAbstract: When mankind entered the 21st century information society, the network society of the time, China will establish a complete set of network security system, especially from the policy and law to establish China's own characteristics, network security Key words: computer; network; security; preventIn the information age, information can help groups or individuals so that they benefit from, the same information can also be used to pose a threat to them, caused Therefore network security, including the composition of network hardware, software and network transmission of information security, so that they do not because of accidental or malicious destruction of the attacks, network security not only the technical aspects, but also management issues, both complement each other, are First, the concept of computer network securityInternational Organization for Standardization of "computer security" is defined as: "To establish a data processing system and the adoption of technology and management of security protection, the protection of computer hardware, software, data is not due to accidental and malicious destruction of reasons, change and " The above definition of computer security includes physical security and logical security of both the contents of the contents of the logic of security could be understood as we often say that the information security, information refers to the confidentiality, integrity and availability of protection, and network security Information security is the meaning of the extension, that network security is a network of information confidentiality, integrity and availability Computer network security as the specific meaning of the user changes, the user is different on the network security awareness and requirements will be From the ordinary user's point of view, could only hope that personal privacy or confidential information transmission on the network be protected against eavesdropping, tampering and forgery; and network provider in addition to care about these network information security, we must also consider how to deal with sudden natural disasters, such as military strikes against the destruction of network hardware, as well as unusual in the network how to restore network communications, and maintain the continuity of network In essence, the network security, including the composition of network hardware, software and network transmission of information security, so that they do not because of accidental or malicious attacks on the destruction of both the technical aspects of network security issues, there are management issues, the two sides complement each other, are Man-made network intrusion and attacks makes network security is facing new Second, computer network security status quoComputer network security is the network hardware, software and data systems are protected from accidental or malicious destruction of reasons, alteration, disclosure, the system continuous, reliable, normal operation of network services without Computer and network technology has the complexity and diversity, makes computer and network security has become a need to continue to update and improve the At present, hackers method has been more than the type of computer virus, and many attacks are In the Internet network, because the Internet does not have the time and geographical constraints, whenever there is a means to generate new attacks, we can in a week around the world, these attacks means the use of network and system vulnerabilities to attack computer systems and resulting in network Worms, backdoor (Back-doors), Rootkits, DOS (DenialofServices) and Sniffer (network monitor) is a familiar means of several hacker However, none of these attacks means they reflect the astonishing power of today become These types of attacks means the new variant, with previous attacks appeared methods, more intelligent, targeted against Internet-based protocols and operating system From the Web process control procedures to the kernel-level R Hackers practices escalating renovation, to the user's ability to guard against information security Third, computer network security precautions1, to strengthen the internal network management and the use of safety awareness among staff, many computer systems commonly used passwords to control access to system resources, which is anti-virus process, the most vulnerable and the most economical Network administrator and terminal operator privileges in accordance with their responsibilities, choose a different password for the application data legitimate operation, to prevent unauthorized users to access the data and the use of network On the network, software installation and management is crucial, it is not only related to network maintenance and management efficiency and quality, but also to the network A good antivirus software can be easily installed within minutes to the organization each NT server can also be downloaded and spread to all the purpose of the machine by the network administrator set up and manage to focus, it will work with the operating system and other security is closely linked to become a part of network security management, and automatically provide the best network virus defensive When the computer virus on-line resources applications attack, such as the virus exists in the information-sharing network of media, it is necessary to the security at the gateway, on the network front-end for 2, network firewall technologyIs a kind of used to strengthen the network access control to prevent the external network users to illegal means to enter the external network through the internal network, access internal network resources and protect the internal network operating environment special for Network Interconnection D It is between two or more networks such as packet transmission link in accordance with a certain degree of security strategy to implement the inspection, to determine whether the network communication between are allowed to, and monitor the network Although the firewall is to protect the network from an effective means of hacking, but there are obviously inadequate: through the firewall can not protect against outside attack other means, can not prevent defectors from the inside and inadvertent threats posed by users, but also can not completely prevent the transmission of the virus have been infected with the software or documents, and can not protect against data-driven 3, security encryption technologyEncryption technology for the global e-commerce to provide a guarantee, so that Internet-based electronic trading system has become possible, thus improving the symmetric encryption and asymmetric encryption technology is still the mainstream of the 21st Symmetric encryption to the conventional password-based technology, computing encryption and decryption operations use the same Asymmetric encryption, encryption key that is different from the decryption key, encryption keys are made public, anyone can use, only the decryption key to decrypt people 4, the network host operating system security and physical security measuresNetwork firewall as the first line of defense and can not fully protect the internal network, must be combined with other measures to improve the safety of the system After the firewall is based on the network host operating system security and physical security In accordance with the level from low to high, namely, the physical security of the host system, the core operating system security, system security, application services security and file system security; At the same time, host security checks and bug fixes, as well as a backup safety system as a supplementary safety These constitute the entire network system, the second line of defense, the main part of a breakthrough to prevent the firewall as well as attacks from System backup is the last line of defense network system, used to attack after the System R The firewall and host security measures is the overall system security by auditing, intrusion detection and response processor constitute the overall safety inspection and response It from the network system firewall, network host or even directly from the network link layer on the extraction of network status information, as input to the intrusion detection Intrusion Detection System in accordance with certain rules to determine whether there is any invasion of the incident, if the invasion occurred, the emergency treatment measures, and generate a warning Moreover, the system's security audit also can be used as the future consequences of aggressive behavior and to deal with security policy on the system to improve sources of In short, network security is a comprehensive issue, involving technology, management, use and many other aspects, including both its own information system security issues, there are physical and logical technical measures, a kind of technology can only solve the problem on the one hand, rather than a To this end the establishment of a network with Chinese characteristics, security system, the need for national policies and regulations to support and joint research and development Security and anti-security like two sides of contradictions, always pick-up, so the security industry is a future with the development of new technologies and the continuous development of References:[1] Huang Yi-qiang, et On the software development needs analysis phase of the main Quarterly Journal of Sun Yat-sen University, 2002 (01)[2] Hu D Computer LAN [M] Beijing: Tsinghua University Press, [3] Zhu Lisen, even S Computer Network Application Technology [M] Beijing: Patent Literature Publishing House, [4] Xie X Computer Networks (4th edition) [M] Beijing: Publishing House of Electronics Industry, [5]孙小刚, Han Dong, et Oriented software engineering, Visual C + + Network Programming [M] Beijing: Tsinghua University Press, 2004,仅供参考,请自借鉴。希望对您有帮助。补充:您可以随时找我,我会帮你翻译好发过去,随时欢迎您的咨询。
