南昌大学计算机网络基础
浅析办公自动化网络安全防护策略
——理学院数学101崔福红
【 摘 要 】本文总结了办公自动化网络常见的安全问题及其后果,探讨了解决这些安全
问题的方法,提供了基于网络内部的安全策略。
【关 键 词】办公自动化 网络 网络安全 病毒 黑客
【Abstract】This article summarizes the office automation network common security
issues and its consequences, on the solution of the security problem the method, is provided based on the internal network security strategy
【Key works】Office automation Internet Internet safe Computer Viruses Hacker
1 引言
企业内部办公自动化网络一般是基于TcrilP协议并采用了
Internet的通信标准和Web信息流通模式的Intra-net,它具有开放性,因而使用极其方便。但开放性却带来了系统入侵、病毒入侵等安全性问题。一旦安全问题得不到很好地解决,就可能出现商业秘密泄漏、设备损坏、数据丢失、系统瘫痪等严重后果,给正常的企业经营活动造成极大的负面影响。因此企业需要一个更安全的办公自动化网络系统。
Enterprise office automation network is based on the TcrilP protocol with Internet communication standards and Web information circulation model Intra-net, which is open, so the use is extremely convenient. But open brought system intrusion,
第 - 1 - 页 共 14 页
南昌大学计算机网络基础
virus attacks and other security issues. Once the safety problem can not be solved, it may appear commercial secret, equipment damage, loss of data, the system paralysis and other serious consequences, to the normal business activities caused great negative impact. Therefore, enterprises need a more secure office automation network system.
2 办公自动化网络常见的安全问题 2.1 黑客入侵
目前的办公自动化网络基本上都采用以广播为技术基础的以太网。在同一以太网中,任何两个节点之间的通信数据包,不仅可以为这两个节点的网卡所接收,也同时能够为处在同一以太网上的任何一个节点的网卡所截取。另外,为了工作方便,办公自动化网络都备有与外网和国际互联网相互连接的出入口,因此,外网及国际互联网中的黑客只要侵入办公自动化网络中的任意节点进行侦听,就可以捕获发生在这个以太网上的所有数据包,对其进行解包分析,从而窃取关键信息;而本网络中的黑客则有可能非常方便的截取任何数据包,从而造成信息的失窃。
The current office automation network is basically used to broadcast based on ethernet. On the same Ethernet, communication between any two nodes data packets, not only for the two node network card receiving, also can be in the same
第 - 2 - 页 共 14 页
南昌大学计算机网络基础
Ethernet on any one node of the network card interception. In addition, in order to facilitate the work, office automation network with network and Internet connected entrance, therefore, extranet and Internet hackers in the invasive office automation as long as any node in the network to listen, you can capture occurred in the Ethernet all packets, carries on the analysis to unpack, steal a key information; and the network hackers may very convenient to intercept any packet, thereby causing the information being stolen
2.2 病毒感染
随着计算机和网络的进步和普及,计算机病毒也不断出现,总数已经超过20000种,并以每月300种的速度增加,其破环性也不断增加,而网络病毒破坏性就更强。一旦文件服务器的硬盘被病毒感染,就可能造成系统损坏、数据丢失,使网络服务器无法起动,应用程序和数据无法正确使用,甚至导致整个网络瘫痪,造成不可估量的损失。
Along with the computer and network the progress and popularization, computer virus also appears ceaselessly, has a total of more than 20000 per month, and 300 speed increase, its destructive also increases ceaselessly, and the network virus destructive stronger. Once the file server hard disk is infected by a virus, it may cause damage, loss of data, the network server can start, application programs and data cannot
第 - 3 - 页 共 14 页
南昌大学计算机网络基础
be used correctly, even lead to paralysis of the entire network, caused inestimable loss.
2.3 数据破坏
在办公自动化网络系统中,有多种因素可能导致数据的破坏。首先是黑客侵入,黑客基于各种原因侵入网络,其中恶意侵入对网络的危害可能是多方面的。其中一种危害就是破坏数据,可能破坏服务器硬盘引导区数据、删除或覆盖原始数据库、破坏应用程序数据等。其次是病毒破坏,病毒可能攻击系统数据区,包括硬盘主引导扇区、Boot扇区、FAT表、文件目录等;病毒还可能攻击文件数据区,使文件数据被删除、改名、替换、丢失部分程序代码、丢失数据文件;病毒还可能攻击CMOS,破坏系统CMOS中的数据。第三是灾难破坏,由于自然灾害、突然停电、强烈震动、误操作等造成数据破坏。重要数据遭到破坏和丢失,会造成企业经营困难、人力、物力、财力的巨大浪费。
In office automation network system, there are many factors that may lead to the destruction of data. The first is the hacker invades hacker, network intrusion based on a variety of reasons, including malicious intrusions against the network may be in many aspects. One danger is destruction of data, may disrupt the server hard disk boot sector data, delete or overwrite the original database, break the application data. Followed by the virus, the virus may attack system data area, including hard disk master boot sector, Boot sector, FAT table, file directory;
第 - 4 - 页 共 14 页
南昌大学计算机网络基础
virus may also attack the file data area, so that the file data is deleted, renamed, replace, lost part of program codes, missing data file; virus may also attack CMOS, CMOS destruction system data in. Third is the disaster damage, due to natural disasters, all of a sudden power failure, strong vibration, misoperation caused by data destruction. Important data were damaged and lost, will cause the enterprise manages difficulty, manpower, material resources, financial resources huge waste
3 网络安全策略
3.1 网络安全预警
办公自动化网络安全预誓系统分为入侵预警和病毒预警两部分。
入侵预警系统中,入侵检测可以分析确定网络中传输的数据包是否经过授权。一旦检测到入侵信息,将发出警告,从而减少对网络的威胁。它把包括网络扫描、互联网扫描、系统扫描、实时监控和第三方的防火墙产生的重要安全数据综合起来,提供内部和外部的分析并在实际网络中发现风险源和直接响应。它提供企业安全风险管理报告,报告集中于重要的风险管理范围,如实时风险、攻击条件、安全漏洞和攻击分析;提供详细的入侵告警报告,显示入侵告警信息(如入侵IP地址及目的IP地址、目的端口、攻击特征),并跟踪分析入侵趋势,以确定网络的安全状态;信息可以发往相关数据库,作为有关网络安
第 - 5 - 页 共 14 页