Technical Articles

As data security incidents happen more and more frequently, Web server security has become a leading concern for all enterprises, and the IIS Web server is a main target of attack. The 2011 incident in which CSDN leaked almost 6,000,000 users' private information is an unforgettable lesson for all its victims. Nowadays, Web server security draws more and more network users' attention. Here, effective measures targeting the Web server security of the Windows Server operating system are recommended.

1. Physical security

The Web server should be placed in an isolated room equipped with monitoring, and all records should be preserved. The chassis, keyboard and computer table drawer should be locked and the key kept in a secure location, so as to prevent malicious users from using the computer.

2. User account security

Windows Server users had better rename the administrator account, whose default name is Administrator, and enable a password security policy. To harden Web server security, users are advised to set strong passwords and enable account lockout, so as to defeat brute-force password crackers. Moreover, it is necessary to create a new user account and add it to the Administrators group, so that the sole administrator account cannot be locked out of the server.

3. Stop unneeded services

Services that can be stopped include:
- Computer Browser
- Distributed File System
- Distributed Link Tracking Client
- Error Reporting Service
- Microsoft Search
- NTLM Security Support Provider (used by Telnet)
- Print Spooler
- Remote Registry
- Remote Desktop Help Session Manager

4. Close unnecessary ports

Closing a port means losing a function, so Windows Server users have to strike a balance between Web server security and system functions. Provided that the Web server is situated behind a firewall, Web server security can be ensured to some extent.

Scanning for open ports with a port scanner is the first step in defending against hackers. The following TCP ports are candidates for closing for the sake of Web server security:
- Web service: HTTP port 80 and HTTPS port 443
- Windows terminal service: port 3389
- SSH service: port 22
- Telnet service: port 23
- MySQL database: port 3306

5. Store sensitive files on another file server

Though present-day server hard disks have large capacity, users still need to take file security into consideration when storing sensitive data such as files and data sheets. To ensure file security, users are advised to store such data on a dedicated file server and back it up regularly.

6. Prevent the system from showing the username of the latest login

By default, when a server offers terminal services, the login dialogue box displays the username of the latest login, which hands malicious users a valid account name whose password they can then try to guess. By editing the registry, Windows Server users can prevent the system from displaying the username of the latest login.

7. Download the newest patches

Most administrators have not developed the habit of visiting security sites, so there may be unpatched bugs that put Web server security at risk. As we all know, the newest patches fix existing bugs to some extent, so users should download service packs and patches from Microsoft's official websites to maintain Web server security.
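The checklist above, carried out as one script: this is an added PowerShell example and is not code from the original article. It applies items 2, 3, 4 and 6 on a Windows Server host. The replacement administrator name (srvmgr), the backup account name (srvmgr2), the lockout threshold, the port allow-list and the mapping of the article's service list to Windows service names (Windows Server 2003-era names) are assumptions chosen for the example; the registry value DontDisplayLastUserName under the Policies\System key is the well-known Windows setting for item 6, not something the article names.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original article). Run with -WhatIf first to preview every change.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$NewAdminName    = 'srvmgr',   # assumed replacement for the built-in 'Administrator' name
    [string]$BackupAdminName = 'srvmgr2',  # assumed second admin so the renamed account is never the only one
    [int]$LockoutThreshold   = 5,          # assumed number of bad passwords before lockout
    [int[]]$AllowedPorts     = @(80, 443)  # assumed: only the Web service stays reachable; add your management port
)

# --- Item 2: user account security ---------------------------------------------------------
# The built-in Administrator keeps RID 500 whatever it is called, so locate it by SID, not by name.
$builtin = Get-LocalUser | Where-Object { $_.SID.Value -like '*-500' }
if ($builtin -and $builtin.Name -ne $NewAdminName -and
    $PSCmdlet.ShouldProcess($builtin.Name, "Rename to $NewAdminName")) {
    Rename-LocalUser -Name $builtin.Name -NewName $NewAdminName
}
# Account lockout and password policy: lock for 15 minutes after $LockoutThreshold failures
# inside a 15 minute window, 12 character minimum, 60 day maximum age.
if ($PSCmdlet.ShouldProcess('local account policy', 'Set lockout and password policy')) {
    net accounts "/lockoutthreshold:$LockoutThreshold" /lockoutduration:15 /lockoutwindow:15 /minpwlen:12 /maxpwage:60 | Out-Null
}
# A second member of Administrators, so that a lockout of one account cannot lock out all management.
if (-not (Get-LocalUser -Name $BackupAdminName -ErrorAction SilentlyContinue) -and
    $PSCmdlet.ShouldProcess($BackupAdminName, 'Create backup administrator')) {
    $pw = Read-Host -AsSecureString "Password for $BackupAdminName"
    New-LocalUser -Name $BackupAdminName -Password $pw | Out-Null
    Add-LocalGroupMember -Group 'Administrators' -Member $BackupAdminName
}

# --- Item 3: stop unneeded services ---------------------------------------------------------
# Assumed mapping of the article's list to service names; verify each one with Get-Service before disabling.
$unneeded = 'Browser', 'Dfs', 'TrkWks', 'ERSvc', 'MSSearch', 'NtLmSsp', 'Spooler', 'RemoteRegistry', 'RDSessMgr'
foreach ($name in $unneeded) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if ($svc -and $PSCmdlet.ShouldProcess($name, 'Stop and disable')) {
        Stop-Service -Name $name -Force -ErrorAction SilentlyContinue
        Set-Service -Name $name -StartupType Disabled
    }
}

# --- Item 4: close unnecessary ports --------------------------------------------------------
# Audit every listening TCP port against the allow-list; anything unexpected is reported and
# blocked inbound at the Windows Firewall, which keeps the service itself untouched until you
# decide whether to remove it.
$listening  = Get-NetTCPConnection -State Listen | Select-Object -ExpandProperty LocalPort -Unique
$unexpected = $listening | Where-Object { $_ -notin $AllowedPorts }
foreach ($port in $unexpected) {
    Write-Warning "Unexpected listener on TCP/$port"
    if ($PSCmdlet.ShouldProcess("TCP/$port", 'Block inbound with firewall rule')) {
        New-NetFirewallRule -DisplayName "Block inbound TCP $port" -Direction Inbound `
            -Protocol TCP -LocalPort $port -Action Block | Out-Null
    }
}

# --- Item 6: do not show the last logged-on user name --------------------------------------
$policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
if ($PSCmdlet.ShouldProcess($policy, 'Set DontDisplayLastUserName = 1')) {
    Set-ItemProperty -Path $policy -Name DontDisplayLastUserName -Value 1 -Type DWord
}
```

Because the script declares SupportsShouldProcess, `.\harden.ps1 -WhatIf` prints every rename, service change, firewall rule and registry write without applying it, and `-Confirm` prompts for each; the firewall block for unexpected listeners is deliberately chosen over killing the owning process so that a mis-filled allow-list costs you a rule to delete rather than a service outage.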

With the spread of informatization, information technologies and systems are applied more widely and the volume of data soars. Naturally, data security becomes a leading concern for all enterprises. After suffering DDoS attacks, Trojans, computer viruses, worms and so on, enterprises may have deployed firewall systems, intrusion detection devices, gateways, data encryption software and other hardware so as to harden enterprise data security. Which technologies, then, can be used to protect enterprise data at present? Here we introduce transparent data encryption software, document rights management software and outgoing file management systems.

Transparent Data Encryption Software

The transparent data encryption software discussed here does not refer to the individual data encryption tools that can be freely downloaded from the Internet. As a matter of fact, such tools only perform "pseudo data encryption": the encrypted data can be decrypted, so vital files can be lost and economic losses follow. It is extremely necessary for enterprises to encrypt vital file data such as source code, graphic design sketches, circuit design diagrams and audio files from their product development and product design departments. Moreover, enterprise managers are supposed to pay close attention to file data security throughout file usage, storage and delivery. As transparent data encryption technology has matured, transparent data encryption software has flourished on the software market, and Smartsec is preferred by many enterprise users.

Document Rights Management Software

Individual users can employ Windows Rights Management Services and Information Rights Management to prevent malicious users from misusing emails and Office documents (including Word, Excel, PowerPoint, etc.) by forwarding and copying them. DRM (Data Rights Management) is commonly used by individual users abroad to manage document access rights. Actually, these document rights management measures are far from enough for enterprise users to maintain enterprise data security. Instead, enterprise managers should adopt more advanced document rights management software or professional document rights management systems to harden enterprise data security.

Outgoing File Management System

Enterprises inevitably run a high risk of leaking confidential data if they leave outgoing files, the ones sent to business partners or to employees on business trips, unmanaged. For the sake of enterprise data security, adopting an outgoing file management system is a highly suggested measure. On the current software market, where outgoing file management software is plentiful, it is easy to find a fully qualified product to protect enterprise data security, and E-Safenet is an outstanding one.

Microsoft SQL Server 2005 leads the business intelligence (BI) field by virtue of its scalability, data integration, development tools, powerful analysis ability and so on. The business intelligence of Microsoft SQL Server 2005 is realized through the real-time delivery of crucial information. Owing to it, staff, information workers and even CEOs can effectively manage data so as to make better decisions. Moreover, more value is brought to an enterprise's existing applications (even on different platforms) via the functions of Microsoft SQL Server such as data integration, data analysis and data reporting. Compared with previous Microsoft SQL Server versions, the business intelligence of Microsoft SQL Server 2005 is improved, as can be seen from the following aspects:

Being an integrated business intelligence platform, Microsoft SQL Server 2005 provides users with all the features, tools and functions needed for typical or innovative data analysis applications. SQL Server 2005 Business Intelligence provides end-to-end BI application integration:

Design: based on Visual Studio 2005, Business Intelligence Development Studio is the first integrated development environment specially designed for business intelligence system developers.

Data Integration: since "Data Transformation Services" (DTS) has been rewritten, DTS can now perform data integration, transformation and synthesis of very large data sets. Business Intelligence Development Studio makes building and debugging packages more intuitive. DTS, Analysis Services and Reporting Services provide a seamless view of data from heterogeneous data sources.

Data analysis: the data mining function provided by Microsoft has always been easy to use. Now data mining is optimized to a large extent with the introduction of other vital algorithms (including association rules, time series, regression trees, etc.). The boundary between relational and multidimensional databases is blurred by Microsoft SQL Server 2005, so users can save data into both. New functions are also added to Analysis Services: MDX scripts, a key performance indicator framework and other advanced business analysis methods.

Data reporting: the scope of Reporting Services in Microsoft Business Intelligence is expanded to cover business users who use the data analysis function. Being an enterprise-level reporting environment, Reporting Services performs report publishing and management via Web services. Users can design and submit reports in personalized forms via interactive and printing options. Reports can then be delivered as a data source to downstream business intelligence, so that complex data analysis covers a wider range. Microsoft SQL Server 2005 is also equipped with a new reporting tool: Report Builder.

Data management: SQL Server Management Studio is responsible for all SQL Server 2005 component management.

Are you troubled by Web application security issues? How much do you know about the DoS attack, one of the biggest threats to Web application security? Here is an introduction to the DoS attack.

DoS (short for Denial of Service) attacks are attacks that prevent legitimate users of a service from using that service, for example by congesting network traffic so that intended users cannot receive the service. DoS is an easy but effective way to carry out a cyber attack: it denies intended users' requests, disrupts normal operation and then causes the Internet connection and the web system to fail. There are many methods of DoS attack, and the most basic one is to maximize the consumption of computational resources so as to prevent any other work from being done.

The implementation process of a DoS attack

At first, attackers send many communication requests with fake source addresses to a server. The server then sends out the corresponding responses. Since the request addresses are forged, the server never obtains a reply and so fails to release the resources it allocated. Eventually the connection is cut off due to a time-out. Meanwhile, attackers keep triggering batches of requests until resource starvation happens. Since a DoS attack is hard to prevent, given its simple implementation and easily attained aim, server administrators are supposed to get quite familiar with the attack, and then work out possible strategies to harden Web application security. A DoS attack can be implemented in various ways:

1. SYN flood

Using the backlog queue and special programs, the attacker continuously doubles the number of unsolicited TCP connection requests marked with SYN. Regarding those as pending requests, the server places them in the backlog queue. Once SYN requests occupy the whole backlog queue, all subsequent requests are denied by the server, so there is every chance that requests from legitimate users are also rejected.

2. IP address forging

Suppose a legitimate user whose IP address is 1.1.1.1 has established a connection with the server, but attackers forge the IP address 1.1.1.1 and send a TCP segment carrying RST. In this case, the server will remove the already-established connection from its queue, deeming the 1.1.1.1 connection incorrect. If the legitimate user wants to resend data, they have to re-establish the connection.

3. Self-consumption

A DoS attack through self-consumption is an old-fashioned attack method. To implement the attack, the attacker sends the host a request whose client-end IP address and port are identical to the host's own. On receiving such a request, the host sends TCP requests and connections to itself until all system resources are consumed.

4. Overfilling the server hard disk

Generally, if there is no limit on writes to the server, a DoS attack can be carried out by overfilling the server hard disk in these ways:

Via sending spam: when the mail server and Web server are placed together, malicious users can send a large amount of spam until the mailbox or the server hard disk is stuffed.

Via creating logs: since the server records all errors, intruders can forge and send errors to the server. In this way, the recorded logs may overfill the server hard disk. Moreover, it becomes hard for administrators to find the log entries that record the real errors.

5. Reasonable strategies

A security strategy of locking user accounts is available on the server. For instance, a user account will be locked once the user enters a wrong password three times in a row. This strategy can also be used by malicious users: if they deliberately submit wrong logins, legitimate users may be unable to log in. To protect Web application security, computer users are supposed to have a profound mastery of how DoS attacks work, and spare no effort to prevent them.
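The SYN flood and lockout-abuse patterns described above, as an added PowerShell detection example that is not part of the original article. Find-SynFlood, Find-LockoutAbuse, their thresholds and the sample connection and failed-logon records are constructed for this example; on a live Windows server the same functions can be fed the output of Get-NetTCPConnection and of Get-WinEvent for Security event 4625 (a failed logon), both of which are real cmdlets and a real event id, as noted in the comments.

```powershell
# Added example (not from the original article). Both functions take plain objects so the
# sample data below runs offline; the comments show the live source for each input.

function Find-SynFlood {
    # A SYN flood shows up as many half-open (SYN_RECEIVED) connections on one port from a
    # large number of distinct, usually forged, source addresses that never complete.
    param(
        [Parameter(Mandatory)] $Connections,   # objects with State, RemoteAddress, LocalPort
        [int]$HalfOpenThreshold = 50           # assumed: this many half-open on one port is abnormal
    )
    $Connections |
        Where-Object { $_.State -eq 'SynReceived' } |
        Group-Object LocalPort |
        Where-Object { $_.Count -ge $HalfOpenThreshold } |
        ForEach-Object {
            $sources = @($_.Group | Select-Object -ExpandProperty RemoteAddress -Unique)
            [pscustomobject]@{
                LocalPort     = [int]$_.Name
                HalfOpen      = $_.Count
                UniqueSources = $sources.Count   # high count with no established peers = flood, not load
            }
        }
}

function Find-LockoutAbuse {
    # Item 5 above: one source failing passwords against several accounts inside a short window
    # is someone driving the lockout policy, not a user who mistyped. Block the source rather
    # than weakening the policy.
    param(
        [Parameter(Mandatory)] $FailedLogons,  # objects with TimeCreated, SourceIp, Account
        [int]$AccountThreshold = 3,            # assumed: >= 3 distinct accounts from one IP
        [int]$WindowMinutes    = 5             # assumed: inside the last 5 minutes of the data
    )
    $latest = ($FailedLogons | Sort-Object TimeCreated -Descending | Select-Object -First 1).TimeCreated
    $cutoff = $latest.AddMinutes(-$WindowMinutes)
    $FailedLogons |
        Where-Object { $_.TimeCreated -ge $cutoff } |
        Group-Object SourceIp |
        ForEach-Object {
            $accounts = @($_.Group | Select-Object -ExpandProperty Account -Unique)
            if ($accounts.Count -ge $AccountThreshold) {
                [pscustomobject]@{ SourceIp = $_.Name; Failures = $_.Count; Accounts = ($accounts -join ',') }
            }
        }
}

# --- Constructed sample data -------------------------------------------------------------
# Live equivalents:  $conns  = Get-NetTCPConnection
#                    $logons = Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4625} |
#                              ForEach-Object { parse SourceIp and Account out of $_.Properties }
$conns = @()
1..60 | ForEach-Object {
    # sixty half-open connections on port 80, each from a different (made-up) address
    $conns += [pscustomobject]@{ State = 'SynReceived'; RemoteAddress = "203.0.113.$_"; LocalPort = 80 }
}
$conns += [pscustomobject]@{ State = 'Established'; RemoteAddress = '198.51.100.7'; LocalPort = 80 }
$conns += [pscustomobject]@{ State = 'SynReceived'; RemoteAddress = '198.51.100.9'; LocalPort = 443 }

$now = Get-Date
$logons = @(
    [pscustomobject]@{ TimeCreated = $now.AddMinutes(-4); SourceIp = '192.0.2.10';   Account = 'Administrator' },
    [pscustomobject]@{ TimeCreated = $now.AddMinutes(-3); SourceIp = '192.0.2.10';   Account = 'srvmgr' },
    [pscustomobject]@{ TimeCreated = $now.AddMinutes(-2); SourceIp = '192.0.2.10';   Account = 'backup' },
    [pscustomobject]@{ TimeCreated = $now.AddMinutes(-1); SourceIp = '192.0.2.10';   Account = 'backup' },
    [pscustomobject]@{ TimeCreated = $now.AddMinutes(-1); SourceIp = '198.51.100.7'; Account = 'srvmgr' }
)

# Port 80 is reported (60 half-open from 60 sources); port 443 with a single half-open is not.
Find-SynFlood -Connections $conns | Format-Table
# 192.0.2.10 is reported (4 failures across 3 accounts); 198.51.100.7 with one account is not.
Find-LockoutAbuse -FailedLogons $logons | Format-Table
```

The two functions separate attack from load by the shape of the data rather than by volume alone: a busy site has many established peers per half-open one, while a flood has the reverse, and a genuine user who forgets a password fails against one account, not three. Feeding Find-LockoutAbuse's output to a firewall block rule keeps the lockout policy of item 5 in force for real brute-force attempts without letting it be turned into a denial of service against legitimate users.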