Monitoring Network

Monitoring network is a monitoring network state, data flow and Internet information transmission management tool, it can will network interface set to monitor mode, and can intercept the network in transmission of information. That is to say, when hackers login web host and obtain super user permissions, if want to move on to another host, using Internet surveillance can effectively intercept data from the network, it is the best way to hackers use. But the network monitor can only used to connect the same segment of the network host, is usually used to obtain the user password etc.

Useful place

Monitoring network is the best means database security audit

Abstract:

Long-term since, the protection business continuity and performance, under the precondition of maximum security database security has been database management personnel, safety management staff of the tireless pursuit security objectives. This article will mainly introduces four kinds of database security audit techniques, and suggest optimization monitoring network mode.

Database system as one of three basic software are not born in computer generated at the same time, along with the development of information technology, the traditional file system already cannot satisfy people's needs, in 1961, the American general electric company successfully developed the world's first database system IDS (Data Store) done, established to the foundations of database. After decades of development and practical application, technology is more and more mature and perfect, Oracle representative products have the Oracle, IBM DB2, Microsoft's MS - SQL Server, etc.

Nowadays, database system in business management and other areas have already have very wide range of applications, such as ERP system, billing system, the subsystem, etc. Database system as the core of the application system of the business operation, bearing key data, is the enterprise core IT capital one

.

Therefore, since a long time ago, in security business continuity and performance, under the precondition of maximum security database security has been database management personnel, safety management staff of the tireless pursuit security objectives.

Database security risk is more internal irregularities

Database security involves intrusion defense, account management, access control, safety audit, anti-virus, evaluate reinforcement, etc, common security products such as UTM, intrusion detection, scanning loopholes and other products to ensure the normal operation of the database system plays an important role. But for many, through a security incident processing, analysis, investigators found the enterprise internal personnel violations caused by the larger percentage accounted for.

Investigate its reason, is mainly because these illegal behavior and the traditional attack behavior is different, for internal infractions can't use against mechanism and vulnerabilities were analyzed, and it is the mechanism that resist the external invasion led to the product without animations. Therefore, to prevent internal violations is in the construction of the inner audit system needs, based on the analysis of the operation behaviors of violations, realize the timely response and traceability.

According to investigation reports (based on Verizon 2009 for 2 billion 85 million times accumulatively vandalism data analysis),

Can see the attempt to database system for ACTS of sabotage, than the highest 75%. Why is this?

The main reason is that: on one hand because of database system often carrying critical business data, but these data involves enterprise all aspects of the information from the political, economic, the value of it have important; On the other hand, because of the database system usually more complex, and its continuity and stability have high requirements, safety management personnel in the relative lack of knowledge of the case, tend to appear unexpected, dare not to think, dare not move, leading to the database security management lags the meet the needs of the business.