1 business website security monitoring
to the electronic commerce website security situation carries on the effective surveillance, the prompt discovery security flaw and takes the remedial measure is extremely important. The following steps are used to monitor the security of e-commerce website.
1) find web security vulnerabilities
(1) often visit the network security sites, access to the latest information on network security information, to obtain information on the impact of e-commerce security software and hardware security vulnerabilities.
(2) the use of specialized tools to inspect e-commerce sites to determine whether there is a security vulnerability site.
(3), according to the vulnerability of the published solutions, to find the same problems exist in the site, and timely repair. For undisclosed solutions vulnerabilities, should pay close attention to the relevant information, should be closed when serious service.
2) to determine the main objectives of site security monitoring
site running the process of unsafe factors include:
(1) leaks. Mainly authorized or unauthorized users to steal important information from others.
(2) unauthorized access. Unauthorized access to a system or system.
(3) loss of system integrity.
3) determine the main mode of monitoring
at present, the main site security monitoring intrusion detection technology. Its main functions are:
(1) monitors and analyzes customer and system behavior.
(2) audit system configuration and vulnerability.
(3) to evaluate the data integrity of sensitive systems.
(4) identify attack behavior.
(5) statistics on abnormal industries.
(6) tracking and identifying violations of safety rules.
(7) automatically searches for system related patches.
4) monitoring the results of the records and inspection
through monitoring and recording of the results of the inspection, it is possible to analyze the source of hackers, and play a deterrent to hackers. For UNIX system, analysis system can record Daemon event in syslogd, depending on the configuration requirements; the two system records the: Syslog, Messges. For the Windows system, you can also view the system event log file. For the frequent occurrence of intruders in the record, you can query the IP. If the IP address does not correspond to the domain name, you can first IP address classification, and then to the InterNIC query until the query is completed, it is necessary to report the national network security department. Site safety monitoring should promptly report to the leadership, on the one hand, let the leaders know, another