3.2 Q: How to improve the level of intrusion protection Win9X system?
Protection measures as much as the attacks in this list I think the most important and most basic of 3:
1, install the latest patches.
2, close the printer sharing PRINTER $.Printer sharing, remote users can access to the machine's system32 directory to be shared under the printer driver.However, due to the existence of the system bug, and other system files will have the possibility of theft, such as the password file.
3, close the file sharing.If you are a home user, usually do not need to share files.If the non-sharing is not, you must add a password on the share and only share in the need to share time, share closed immediately after.
Q: enterprise network security response organizations should be included which people?
Who has always been the first important!The purpose of establishing security response organization is to determine: when the security event occurs, users who seek the help of this, he should do?Because of security issues related to every aspect, so members of this organization should come from all over the world to protect all sectors of business or social force.Typically, the security response organization personnel, including:
1 supervisor
Responsible for dealing with major security issues.For example, an ongoing e-commerce site under attack, whether the decision to immediately disconnect from the network in order to avoid greater losses.
2, the human resources director
Because many attacks come from within, so once that trouble their own side, you can immediately find your comrades in the Ministry of Personnel to talk to him heart.
3, the technical team
Responsible for the collation and analysis of security incidents, to develop countermeasures database to guide the implementation of staff for correct operation.
4, the implementation of staff
Real firefighters, where fire, to appear where you are!
5, external resources
Some heinous acts of destruction, serious harm, has been unable to manage their own side, and then to rely on the support of social forces, such as the ISP, public security departments.A deterrent to their large, two to the authority of their policies.
Q: If someone said they were invaded from the address of our site, and how to do?
Leave a situation like this: someone sends you an Email, a nose with eyes that he suffered the invasion of your address, and paste to a log message like the following:
Nov 6 07:13:13 pbreton in.telnetd [31565]: refused connect from xx.xx.xx.xx
Finally, they are very polite to say seriously, hope you serious investigation.
How do you say?