Computer Network Security and Protection Strategy
Computer Network Security and Protection Strategy
Computer Network Security and Protection Strategy
Protection Strategy
Computer network security has become a global concern. Computer network and
information security technology is the core issue of the computer and network
systems for effective protection. Network security protection involves very wide
range, from a technical level, mainly including data encryption, identity
authentication, intrusion detection and intrusion protection, virus protection and
virtual private networks (VPNS)
(2) Forge ARP packet is a kind of very complex technology, involves many
aspects of TCP/IP and Ethernet characteristics, and in this as ARP security
issues is not very appropriate. Fake ARP packet is the main process to the IP
address of the destination host and Ethernet address for an ARP packet
source address. The routing information protocol (RIP) Attacks attack. RIP protocol
used to publish dynamic routing information in the local area network (LAN), it is to
provide consistent routing for the nodes in the local area network (LAN) designed
and accessibility of information, but the node to receive the information authenticity
checks, so an attacker could issue incorrect routing information online, take
advantage of a router or host ICMG redirection information, realize the network
attack.
Computer Virus
Computer viruses can be stored, executable and can be hidden in the executable
programs and data files without being found that trigger the access control system
after an executable program. Computer viruses is mainly transmitted by copying
files, and run the program operation. In the everyday use, floppy disk, hard disk,
CD and network is the main way of spreading the virus. Computer virus after
running light could reduce the system efficiency, or may damage files, delete files,
even make the data loss, destruction of the system hardware, all kinds of
unpredictable consequences.
VPN Technology
VPN is the latest to solve the problem of information security, one of the most
successful technology subject, a virtual private network (VPN) technology is on
the public network to establish dedicated network, make the data through the
security of encryption "pipe" in the public network. To build on the public
communication network VPN there are two kinds of mainstream mechanism, these
two mechanisms for routing filtration technology and tunnel technology. The
current VPN mainly adopts the following four technology to ensure safe: tunnel
technology, encryption technology, key management technology and user identity
authentication technology and equipment. Among them, several popular
techniques for the PPTP, L2TP tunnel and IPsec VPN tunnel mechanism should be
able to have different levels of technology security services.
Firewall technology
Firewall is a network access control devices, to refuse in addition to explicitly
allow through all communication data. It is different from simple router will
determine the direction of network information transmission. However, access to
the site in the network transmission through relevant to the implementation of a set
of one or a set of system access strategy. Most firewalls are the combination of
several functions to protect themselves, in the form of transmission network from
malicious attacks, one of the most popular technology with static state of packet
filtering, dynamic packet filtering, filtering, and the proxy server technology,
increase their level of security, but in the concrete practice of the system should
not only be considered cost performance, and to consider security network
connectivity. In addition, today's good also adopted the VPN and viewing of a
firewall and intrusion detection technology.
Authentication technology
Certification is an important technology to prevent malicious attacks, it is
important to all kinds of information system security in open environment, the
main purpose of the certification, there are two: 1) authentication information of
the sender is legal (2) To verify the integrity of the information to ensure that the
information has not been tampered with in the process of transmission, replay or
delay. The relevant certification main techniques are message authentication,
identity authentication and digital signature.
CONCLUSION
The network information security is a fast changing, update the field. This means
that simply using a certain protective measures is no guarantee that the network
information security, we must comprehensive use of various protection strategy,
integrating the advantages, cooperate with each other, so as to set up the network
information security protection system. Based on many years' network security
work practice of the author to the common network security hidden danger has
made the detailed elaboration, summarizes some use of network security strategy,
and the design of network security protection system elaborated the basic
principle, practice shows that still has a certain reference value. Network security
work, is still a need in daily work point guard and will largely reduce network
security hidden danger, to protect the normal use of the network.
REFERENCES
1. Anderson J P. Computer Security Threat Monitoring and Surveillance [P]. PA15034, USA. 2015.8.
2. B. Endicott .Active Defense to Cyber Attacks. Information Assurance and Security [J].2014.9