On the local network Telecommunications Internal data Communicate Network (L_DCN) to describe the security risks exist, and from Network Security , System security, application security, information security, management, security and other aspects of the appropriate security solutions.

  L_DCN Telecom is supporting the local network application system for all information network platform. L_DCN to Telecom’s customer service, production management, business development, internal management and bring great convenience, but also brought many challenges, especially security issues. How to ensure the safety of L_DCN has become carriers of information necessary for the healthy development and solving the important issues to consider. Based on the L_DCN safety risk assessment analysis, security solutions.

1, L_DCN Status L_DCN is a computer-based data communication integrated information network, telecommunications companies realize information communication and resource sharing. L_DCN carrying the main information application systems: integrated business management system (that is, “97″ system), billing system, customer service system (ie, system No. 10000), the professional network management system, OA, etc.. Figure 1 for a telecommunications company L_DCN local network topology diagram, this all interpretations are based on the topology.

Figure 1 L_DCN topology L_DCN more complex applications, the information belong to different subnets, the subnet is L_DCN major component of integrated office network is among the various subnets. L_DCN export more to the provincial company and the county (city) offices have interfaces, billing system interface to the bank, No. 10000 has its own Internet system export. In addition, L_DCN in the client are many and widely distributed, sometimes ADSL Or telephone dial-up Internet users. The exit of the lack of appropriate security isolation facilities, in different security zones did not take appropriate safety measures, the lack of necessary network security audit measures from telecommunications companies vulnerable to internal and external range of attacks and threats.

2, L_DCN security risks L_DCN the network by analyzing the structure and use of ISSScanner, X-Scan, Nmap and Sniffer.

On L_DCN the host, network, database and application systems to scan, monitor, security risks come mainly from L_DCN:

2.1 network security risks 2.1.1 Internet security risks

The Internet to make online information sharing and opening up, there are serious security risks, because the survival of TCP / IP family of the lack of appropriate security mechanisms, in a safe and reliable, QoS , Bandwidth, and so there is no adaptation, and the intention of users is diverse. L_DCN there are ADSL or dial-up clients, making L_DCN face, such as hackers trying to break into the security implications.

2.1.2 outreach network security risks

L_DCN outreach network include companies with provincial and county (city) company, banks and other interfaces, there is not credible outreach network node regions on L_DCN cause some security threats. For example: an intruder can use the Scanner and other sniffer program, by scanning the existing network and operating system vulnerabilities such as open TCP port, save the user name and password of the documents, and through the exploits of the L_DCN attack; intruder can Sniffer network monitoring tools such as access to L_DCN user names, passwords, etc., and then fake-house legal status for illegal log, telecommunications company to steal important information, such as customer information, financial data. Figure 2 identifies the vulnerability, remote buffer overflow can be user password.

Figure 2 identifies vulnerabilities 2.1.3 internal network security risks

Known network security incidents, about 70% of the attacks from internal network. L_DCN carrying various information applications have their own private information and data, between nodes in the internal network, there is great security risk. For example: by Local area network Completely shared directory, you may inadvertently bring important information (such as the customer data) stored in the shared directory, resulting in information disclosure; internal management intentional or not leak system administrator user name and password and so on. Figure 3 is the use of weak super-user password information, visit the user’s machine in a sample.

Figure 3 weak passwords leak 2.2 system security risk L_DCN exist in various types of server systems, Router , Switch As well as a large number of desktop. Mainly in server operating systems, database systems and various application software systems; routers and switches have the appropriate operating system. The system more or less the existence of a “back door” and loopholes, the default configuration, weak password or an empty password, unnecessary services, such as security patches are not playing a significant security risk. Figure 4 that the SQLserver configuration sa user password is empty.

Figure 4 empty password hidden 2.3 the risk of data

L_DCN many of the transmission of data in plaintext, an attacker can the network transmission line (in particular, WAN ) Installed bugging devices in the network transmission steal important data, and then read data through a number of information technology, resulting in leakage or do something to undermine the integrity of data tampering. The data transmitted in the network of insecurity on the telecom companies constitute a serious security threat.

2.4 application security risks Applications are broad, dynamic, application security is multifaceted. Exist in the current L_DCN WWW browsing, E-mail, software vulnerabilities and the “back door”, resource sharing, the risk of viruses and other security applications.

2.5 the risk of network management

Network management is an important part of L_DCN security. Inadequate safety management system is an important source of network risk. Network administrator or the operating system is not configured properly and timely update patches security holes caused; use of weak passwords; user security awareness is not strong, will be free to tell others their own account and so on, these management problems are, no matter how sophisticated security policies and network security system are not addressed, will cause the L_DCN at risk.

3, L_DCN Security Total Solution

L_DCN Security Total Solution

I am a professional editor from Chinese Manufacturers, and my work is to promote a free online trade platform.
http://www.chinaqualitycrafts.com/ contain a great deal of information about
ceramic fan heaters , compact heater fan
welcome to visit!