Router operating system network operating system HP JE074A as vulnerable to hacker attacks. MostSMEs do not employ the router engineer, also does not have the function as a must
to dooutsource. Therefore, network administrators and managers is not very understanding there is no time to ensure the safety of the router. The following is to ensure that the ten basicskills of router security.
1, update your router operating system
As the network operating system, router operating system also needs
to be updated, so that the correct programming errors, software flaws and buffer overflow problems. Always check the manufacturer of your router and operating system updates the
current version.
2, to modify the default password
According
to Carnegie Mellon University's computer emergency response team said, 80% of the security incidents are due to weak or default passwords caused. Avoid using commonpasswords, and the use of uppercase and lowercase letters, mixed mode as the more powerful password rules.
3, disable the HTTP settings and SNMP (Simple Network Management Protocol)
Your
router's HTTP settings section is easy to set up for a
busy network
administrators.However, this
router is also a security
problem. If your router has a command-line settings,disable the HTTP method and use this set up. If you do not use your router's SNMP, then you don't need to enable this feature. Cisco router has a vulnerable GRE tunnel
attack of SNMP vulnerabilities.
4, block ICMP (Internet control message protocol) Ping request
Ping and other ICMP functions are very useful tools for network administrators and hackers.Hackers can use enabled on your router's ICMP function to find could be used to attack your network information.
5, disabled from the Internet telnet command
In most
cases, you don't need to come from the Internet interface active telnet session. If you
access your router from the internal settings
will be more secure.
6, disable the IP directed broadcast
IP directed broadcast to allow
for your equipment to implement the denial of service attack. A router memory and CPU to bear too many requests. The results
will lead to a buffer overflow.
7, disable the IP routing and IP re orientation
Re
orientation allows packets and then went out from another interface came from
an interface. You don't need to elaborate packets redirected to a dedicated internal
network.
8, packet filtering
Packet
filtering is only allowed to enter the kind of data you transfer your network. Many companies are allowed to use only 80 port (HTTP port) and 110/25 (email). In addition, you can block and allow the IP address and scope.
9, review the safety record
By simply use some time to review the log file for you, and you will see the obvious way to attack, and even security vulnerabilities. You will experience so many attack surprised.
10, unnecessary services
Always disable unnecessary services, both routers, servers and workstations on unnecessary services to the disabled. Cisco devices default to provide
some small service by network operating system, such as echo (Hui Bo), HP JD320B chargen (Character Generator Protocol) and discard (discard protocol).
More information, please view:
http://www.h3network.com
没有评论:
发表评论