Pre-press publishing network system security protection

In the use of computer network systems, especially in the use of Internet-connected networks, the issue of network security is the most important issue at present, and it is also a problem that most users are most concerned about. Prepress publishing network systems mainly include internal local area networks and local area networks to share the Internet. Two major parts, in the use of these two parts, need to take into account the security issues, and the two most important use of security protection is equally important. In the prepress publishing system LAN, if there is a problem with its own network security, some of the prepress data will be lost. This will preface the prepress-publishing network system. The main security risks and how to adopt effective measures to protect these security traps.

I. Overview of Computer Network Security

In the prepress publishing network system, ensuring data transmission on the network is a very important task. If there is a problem in the network, it may affect the normal operation of the entire prepress printing system, resulting in varying degrees of loss. There are three main problems in the operation of computer networks:

The first is the security of the network room. The main control room of the network system is the key to the operation of the network equipment. If security problems occur, for example, physical security (including fire, lightning, thieves, etc.), electric chlorine (including blackouts, uneven load, etc.) may cause the entire situation. The computer paper system is in an awkward state.

The second is the intrusion of viruses and hackers. The pioneering development of the Internet has made the virus a disaster. According to statistics, the vast majority of computers currently used have experienced the harm of computer viruses. Hackers pose threats to the computer network in two ways: one is the threat to the information in the network, and the other is the threat to the devices in the network. The intrusion of the computer virus mainly destroys the normal data transmission of the network system. Hackers use interception, stealing, deciphering and other means to obtain important confidential information.

Third, security vulnerabilities caused by unsound management. Judging from the broad scope of network security, network security is not only a technical issue, but also a management issue. Network security management includes various aspects such as management organization, law, technology, and economy, and network security technology is just a tool for network security.

Second, pre-press publishing network system room security protection

Pre-press publishing network system room security protection is mainly to do some basic security protection of the engine room, such as: installation and configuration of fire prevention, lightning protection, anti-theft and other facilities, but also to install the power system of the computer room, configure a good ground The device, preferably all computers are equipped with USP power and so on. Room security protection mainly includes the following aspects:

1. The main control room physical security protection.

2. The main control room electrical safety.

3. Security protection of workstations in network systems.

4. Pre-press publishing network system room specific security protection measures.

Third, the network virus prevention

1. Virus control software installation location.

Network workstations are the main way for viruses to enter the network. Therefore, installing anti-virus software on workstations is a reasonable approach. Because the task of virus scanning is shared by all workstations on the network, this makes it easy for each workstation to perform tasks. If each workstation is equipped with the latest anti-virus software, it can add viruses to the workstation's daily work. In the task of scanning, performance may decrease slightly, but no new equipment needs to be added.

The mail server is the second focus of antivirus software. E-mail is an important source of viruses. Before e-mails are sent to their destinations, they enter the mail server and are stored in the e-mail. Therefore, installing anti-virus software at this time is very effective. If the prepress publishing network system does not have a mail server installed, it will not be installed.

The network system backup server is used to save important data. If the backup server also crashes, the entire system will be completely paralyzed. Damaged files in the backup server cannot be used again or even infect the system. Preventing backup servers from being infected by viruses is an important part of protecting network security. Therefore, good anti-virus software must be able to resolve this conflict. It can cooperate with backup systems to provide virus-free real-time backup and recovery.

In addition, there may be problems in any place on the network where files and databases are stored, so these places need to be protected. The file server stores the important data of the prepress system, and stores the prepress system in the Internet server. The uploading and downloading of files without viruses is very important to the network system.

2. Antivirus software deployment and management.

1 Make a plan. First understand what type of data and information are stored on the managed network to develop an anti-virus operation plan.

2 Investigation. Choose an anti-virus software that meets the requirements and has all the features mentioned in the former.

3 test. Install and test the selected anti-virus software in a small area to ensure it is working properly and compatible with existing network systems and applications.

4 Maintenance. Manage and update the system to ensure that it performs its intended functions, and that it can use existing equipment and personnel for management; download virus signature database update files, upgrade within the scope of the test, and thoroughly understand important aspects of the antivirus system.

5 system installation. After satisfactory results have been tested, this anti-virus software can be installed throughout the entire network.

Fourth, network hackers to prevent

Hackers may take the following measures:

(1) Hosts that use teteint, ftp, etc. to transmit passwords for important confidential information applications should set up a separate network segment to prevent one computer from being compromised, and the attackers are sniffered, causing the entire network segment to be completely exposed. In the event of a condition, the important host should be installed on the switch, which may prevent sniffer from overhearing the password.

(2) Dedicated hosts only provide special functions. For example, hosts running important processes in network management and databases should not run programs with relatively large security holes. The access control in the router segment of the network management network should be limited to the minimum. It is necessary to study the process port numbers necessary for various types of processes and close unnecessary ports.

(3) The log files of each host opened to users are all directed to a syslogd server for centralized management. The server can be hosted by a uni* or Windows NT host that has a large-capacity storage device, and periodically checks the backup log host. data.

(4) The network manager must not access the Internet and should set up a special computer to use ftp or WWW download tools and information.

(5) Provide e-mail, www, DNS function host does not install any development tools, to avoid attackers compile the attack program.

(6) The principle of network configuration should be "Minimization of user rights", for example, closing unnecessary or unknown network services without e-mailing passwords.

(7) Download and install the latest operating system and other application software security and upgrades, install several necessary and necessary security enhancements, limit access to the host, strengthen log records, perform integrity checks on the system, and regularly check users The vulnerable password and informs the user to modify it as soon as possible. Important users' passwords should be modified regularly, and different hosts use different passwords.

(8) Regularly check the system system log files, backup them on the backup device in time, formulate a complete system backup plan, and strictly implement it.

(9) Periodically check the key configuration files in the network system.

(10) To formulate detailed intrusion emergency measures and the Jiangbao system. Found signs of intrusion, immediately open the process record function, while saving the list of processes in memory and network connection status, protect the current important log files, if conditions permit, immediately open another host on the network segment to monitor network traffic, Try to locate the location of the intruder. You can also disconnect the network. If the service host cannot continue to service, you should be able to restore the service from the backup reserve to the backup host.

Taking certain preventive measures to prevent hackers can greatly weaken the attack ability of hackers and serve the purpose of protecting network security. Of course, you can use the same software as anti-virus to prevent hackers from attacking.

In addition, the use of anti-hacking software can greatly enhance the attack defense capabilities of hackers in network systems. Of course, this is one of the most convenient ways to protect network systems. After anti-blackware packages are installed on network systems, it is generally unnecessary. Perform a lot of protective operations, just check it often. For anti-blackware options, you can use anti-black network antivirus software, special anti-blackware and firewall software.