ChinaNetCloud Online Lecture: Fight Against External Attacks From Different L...ChinaNetCloud
Internet makes the world brand-new, but it also put the system safety in danger— security problems such as DDOS attacks, data theft, and BotNet always bothering IT operations teams. How can we defend ourselves from these types of attack? By implementing four layers of security protection: network, system, code, and operation maintenance.
On July 5, Wang Han, senior architect of ChinaNetCloud shared our view points about “How to resist external attacks” with dozens of audience through webinar.
Designer | Yu-Hui Ma
Department | Tamkang University(淡江大學) / Information Management_2C(資訊管理學系)
Subject | Linux File System Format Introduction(Linux 檔案系統格式介紹)
ChinaNetCloud Online Lecture: Fight Against External Attacks From Different L...ChinaNetCloud
Internet makes the world brand-new, but it also put the system safety in danger— security problems such as DDOS attacks, data theft, and BotNet always bothering IT operations teams. How can we defend ourselves from these types of attack? By implementing four layers of security protection: network, system, code, and operation maintenance.
On July 5, Wang Han, senior architect of ChinaNetCloud shared our view points about “How to resist external attacks” with dozens of audience through webinar.
Designer | Yu-Hui Ma
Department | Tamkang University(淡江大學) / Information Management_2C(資訊管理學系)
Subject | Linux File System Format Introduction(Linux 檔案系統格式介紹)
The development trends of smart applications and open source system software ...William Liang
This talk was given on 2017/01/24 in NTU CSIE to describe the development trends for IoT smart applications and open source system software. Tree topics are included in the slides: 1. introduction to IoT and possible smart applications, 2. a new trend for the integration of cloud & terminal devices, and 3. how open source can be used to help make commercial products, especially for the diversified IoT markets.
The slides were created in Chinese, entitled "近年智慧應用與開源系統軟體發展趨勢".
Wang Min is a Project Manager at the Urban Traffic and Underground Space Design Institute, part of the Shanghai Municipal Engineering Design Institute (Group) Co., Ltd. He is one of the key mangers for Shanghai Hongqiao integrated transport hub, and is responsible for underground space planning. He has also played a key role in underground planning for Shijiazhuang.
BrightTalk session-The right SDS for your OpenStack CloudEitan Segal
Discover the benefits of having a purpose-built SDS Block system supporting your OpenStack Cloud OS with all of its components; bare metal, virtual machines and containers.
Presentation on Internet Security by @SteveMushero of @ChinaNetCloud, given in Shanghai in May, 2015.
Covers threats, risks, and solutions.
Bi-lingual English & Chinese.
Introduction of OpsStack--Integrated Operation Platform developed by ChinaNetCloud
Operations Evolution Underway
Customer Challenges
OpsStack Killer Features
ChinaNetCloud Online Lecture:Something About TsharkChinaNetCloud
On Jul 26, Cecil Han, Senior engineer of ChinaNetCloud, shared insights on the topic of “Something about Tshark” with audience of ChinaNetCloud Webinar.
What is Tshark?
Why we need Tshark even we have tcpdump?
Common parameters
云中漫步 颠覆创新_创业邦春季创新峰会主题演讲 Cloud Innovation in ChinaChinaNetCloud
President of ChinaNetCloud, Yinan Gu's keynote speech at 2016 DEMO CHINA in Beijing, May 11.
Cloud Innovation in China, Speech at DEMO China in May, 2016 in Bejing by Yinan Gu, ChinaNetCloud's President (in Mandarin)
ChinaNetCloud talk on Operations-as-a-Service at AWS China Summit 2015 in Shanghai. Covers OaaS cases, technology, and AWS.
Given December 17th, 2015, in Shanghai, in Chinese by Yinan Gu.
Running Internet Systems in China - The Details You Need to Succeed in Chines...ChinaNetCloud
There are a lot of misconceptions about how the Internet actually works in China.
China’s Internet has it’s own set of unique problems such as regulatory, legal, infrastructure, connectivity, etc.
In this presentation we will examine the modern Chinese Internet, it’s structure, challenges, and how to succeed in the world’s most populous country.
Internet Cloud Operations - ChinaNetcloud & AWS Event BeijingChinaNetCloud
Internet Operations in the cloud, presented by ChinaNetCloud at joint AWS event in Beijing June, 2015.
Covers background, how clouds are different, key issues, and how OaaS (Operations as a Service) helps.
Cloud Operations Challenges - Talk by ChinaNetCloud at Joint Cisco eventChinaNetCloud
Talk given by ChinaNetCloud CEO Steve Mushero at joint event with Cisco in Beijing on April 2, 2015.
Covers what's wrong with Internet Operations today and how to fix it.
ChinaNetCloud - Public Clouds in China OverviewChinaNetCloud
Overview of the Public Clouds in China, including Aliyun, AWS, Tencent plus UCloud, QingCloud, Azure, and more.
Given by Steve Mushero at BarCamp Shanghai 2014 and other events.
Linux Memory Basics for SysAdmins - ChinaNetCloud TrainingChinaNetCloud
ChinaNetCloud training for Linux Memory Basics for SysAdmins.
This is an introduction to general Linux memory for troubleshooting, monitoring, and basic understanding.
13. ChinaNetCloud – Solution Proposal *** Confidential ***
13
代码安全 —— 代码扫描
• Best practice
最佳实践
• Find new problems
找到新问题
• As you update
更新
• Third parties
第三方
• New exploits
新的改进
14. ChinaNetCloud – Solution Proposal *** Confidential ***
14
运维安全 —— 经常被遗忘
• Often forgotten
经常被遗忘
• Often use defaults
经常采取默认设置
• Or random Google search
或用谷歌搜索配置
• Source of great danger
风险的发源地
15. ChinaNetCloud – Solution Proposal *** Confidential ***
15
运维安全 —— 服务器
• Best practices
最佳实践
• Lots of small issues
许多细小问题
• Running user - 用户运行
• File permissions - 文件许可
• Dangerous uploads - PHP inside JPEGs
危险的上传
• SSL – Heartbleed, etc.
APP 服务器Web 服务器
• Best Practices
最佳实践
• Delete example APPs
删除样例
• Delete tools (Tomcat)
删除工具
• Patch Software (Java!)
软件补丁
16. ChinaNetCloud – Solution Proposal *** Confidential ***
16
运维安全 —— 服务器
数据库
• Use Best Practices
最佳实践
• Secure Configuration
安全配置
• Limited User Permission
限制用户许可
• Separate App & DBA User
区分APP和DBA用户
• Separate User for each App
区分每个APP的用户
• Safe File Permissions
安全的文件许可
• Log SQL if possible
尽可能记录SQL
18. ChinaNetCloud – Solution Proposal *** Confidential ***
18
运维安全 —— 云平台
• Best Practice
最佳实践
• Control Access
控制登录权限
• Can delete EVERYTHING
会被意外删除
• Separate Backups
备份隔离
• Out of Cloud
在云之外
• MFA Delete on AWS
AWS上删除MFA
19. ChinaNetCloud – Solution Proposal *** Confidential ***
19
运维安全 —— 网络
• Generally okay, BUT
• VPC on Clouds – Separate
使用公共云上隔离的私有网络
• Consider Out-of-Band Link (DDoS)
考虑带外数据链接
• Firewalls – Front & Middle
防火墙-前端&中间
• Secure Configuration
安全配置
• Separate test/dev network
区分测试/开发
20. ChinaNetCloud – Solution Proposal *** Confidential ***
20
运维安全 —— 备份安全
• Backups ARE part of Security
备份属于安全管理的范畴
• If all else fails, use backups
若发生意外,使用备份
• Keep them Secure
安全备份
• Avoid Theft & Tampering
防止盗窃或恶意企图
• Read-Only is Best
最好采用只读
运维安全 —— 安全监控
运维安全 —— 审计
Deep Check to Find Problems
深入检查,发现问题
21. ChinaNetCloud – Solution Proposal *** Confidential ***
总结
Security is Critically Important
安全非常重要
Increasingly Important
并且,越来越重要
Getting Harder
但也,越来越难
But more Tools
但,实用工具越来越多
Details & Experts Help
注重细节,并且需要专家帮助
• Deep Experience
丰富经验
• Experts at Every Level
全面专业
• Part of Overall Operations
是运维工作的一部分
云络可以帮您