Basic knowledge of being a network administrator

The following information will give you the basic requirements and necessary technologies for network management.

There are many things to learn. Install the server N times first.

1. Being a network administrator mainly involves maintaining servers, terminals and clients, integrated network cabling, network planning, etc. You may feel that the workload is heavy at first, feel annoyed, and be under a lot of pressure. I feel that I am impetuous at work. After a period of work practice and pondering life, I can feel that the main problem is that I have not learned to regulate myself and adjust my interest in life. Once I know how to adjust myself, the problems at work will naturally be solved easily, and I can see the beauty of life.

2. To be a qualified network administrator, you need to master reasonable planning, dynamic management, static monitoring, and remote debugging and maintenance of the network, including the network topology, the transmission steps of network protocols, network traffic control, QoS, and the configuration and proper use of various protocols.

The network administrator role is itself a technical position, so technology must come first. Which technology is the most important depends on the needs of each organization. The job may be as simple as keeping machines connected and able to reach each other. A complex network may take several people or more, with division of labor and cooperation, and everyone's maintenance and research directions differ. Generally, small and medium-sized organizations do not have a network administrator, because they have few computers and no need for a dedicated post; if there is a problem, someone can be brought in from outside. Organizations with more than 20 computers may need a dedicated or part-time network administrator. The network administrators of such organizations are required to have knowledge of all aspects of IT. The broader the better.

Two: Skills that enterprise network administrators need to master

To be a network administrator, you need to know a little bit about almost everything. You don’t have to be an expert in all of it. Of course, you must also have your own strengths.

1. Building a system is the most basic requirement. From 1998 to 2003, from Unix to Linux, you must be able to work with all of them, though not necessarily be good at all of them (this is very difficult).

2. Be able to maintain PC hardware and printers (from dot matrix to inkjet to laser). If this part is not done well, you may be busy for half a day every day.

3. Be able to configure and manage mail servers and clients, mainly Exchange, Imail, Qmail, Sendmail, etc. Nowadays enterprises have their own mail systems, and their importance cannot be ignored.

4. Know the common service configurations for Windows/*nix systems. The most basic ones are of course DHCP (DHCPD), DNS (BIND), IIS (APACHE), FTP (WUFTPD/VSFTPD), AD (SAMBA), WINS, etc. If you don’t even understand these, make up for it quickly. Otherwise, don’t go.

5. For databases, you must at least understand SQL SERVER and MYSQL. If you know ORACLE/SYBASE/DB2/INFORMIX, your salary will definitely be 10% higher (haha, a bit of an exaggeration; if you know all these, why don’t you become a DBA?).

6. Simple settings and management of switches and routers are necessary, otherwise you can only go to small businesses (mainly CISCO, Huawei 3COM, Nortel, of course you must also be familiar with the low-end equipment of TP-LINK and D-LINK).

7. Be familiar with integrated cabling technology (at least know how to do 568A/568B). You also need to know a little about fiber optic technology. If you are applying for a job in a factory, there are often optical fibers running between the factory buildings.

8. Know how to plan the network and improve its stability (the most important), security, utilization, etc. as much as possible.

9. Be able to write scripts. Whether you are using Windows or *nix, scripts will often let you get twice the result with half the effort (knowing assembly, C and other languages is even better).

10. Know how to back up and restore data quickly and safely.

11. Be familiar with proxy, firewall, anti-virus and other technologies; otherwise one day your network will be completely paralyzed and you will not know what is going on.

12. WLAN technology should also be mastered as soon as possible. This is a trend, and part of the network of many enterprises has integrated it.

13. Be familiar with access network technology; at least know what ADSL, ISDN, FTTX, FR and DDN are all about.

14. Of course, some companies require you to know ASP, PHOTOSHOP, DW, etc. when recruiting administrators. These are mainly for daily website maintenance.

15. You must have a clear understanding of the entire network model and architecture. At the very least you must know the layers, protocols, interfaces, services, etc. If you can read the three volumes of the TCP/IP protocol book thoroughly and understand them, you can start to become a master.

16. Have a clear understanding of the ERP system.

See what companies you can understand

How to do a good job in computer emergency response


As e-commerce and online transactions have become part of today's business society, more and more companies are being blackmailed by computer criminals because of security vulnerabilities found in their networks. When a security breach occurs in an enterprise's network, the company's core business information and confidential business information will be stolen.

In addition, fraud related to online banking has also gradually increased. Retailers' back-end databases have been attacked and credit card information has been stolen. More and more companies are losing profits and productivity due to an increasing number of denial-of-service attacks.

Computer crimes and worm virus incidents continue to occur. How should enterprises respond to computer emergencies to ensure that they suffer the least economic loss when attacked? Ye Zi talks about his views in the article below.

After the Morris worm incident in 1988, the United States established the world's earliest Computer Emergency Response Organization (CERT). Since our country established its first emergency response organization in 1999, it has played a significant role in handling several large-scale network security incidents. So how should companies establish an emergency response organization? Let’s first understand what emergency response is.

What is emergency response?

Generally speaking, emergency response refers to the measures and actions taken by security technicians after encountering emergencies. An emergency incident is a situation that affects the normal operation of a system. The system here covers problems within the scope of a host as well as problems within the scope of the network, such as hacker intrusions, information theft, denial-of-service attacks, network traffic abnormalities, etc.

The two fundamental goals of emergency response are to ensure recovery and to pursue accountability.

Unless the incident is an "after-the-fact" incident, the first issue emergency responders must address is how to ensure that the affected systems return to normal functionality. In ensuring recovery, emergency responders need to preserve all necessary evidence for future use. Pursuing liability involves legal issues, and emergency responders supported by general user units or third parties mainly play a role in cooperating with analysis, because launching such an investigation usually requires judicial permission.

Most enterprises have established an independent emergency response team, often called a computer security incident response team (CSIRT), to respond to computer security incidents. Emergency response is multidisciplinary and requires multiple capabilities, often drawing on resources from different parts of the company. Human resources personnel, legal counsel, technical experts, security experts, public security officers, business managers, end users, technical support personnel and others are all involved in computer security emergency response. Of course, most of these personnel are part-time and need to cooperate in emergency response work.

After an enterprise has an independent emergency response team, what should it do?

According to the PDCERF method of emergency response, we divide it into six stages, namely preparation, detection, containment, eradication, recovery, and follow-up.

The first stage: preparation

This stage focuses on prevention. The main work involves identifying the company's risks, establishing security policies, and establishing collaboration systems and emergency systems; configuring security equipment and software in accordance with security policies, and preparing hosts for emergency response and recovery. Use network security measures to carry out preparation work for the network, such as scanning, risk analysis, and patching. If conditions permit and with permission, establish monitoring facilities and establish a system and capability for data summary analysis; formulate strategies and procedures that can achieve emergency response goals, establish information communication channels and reporting mechanisms, and formulate relevant laws and regulations; create usable response work packages; establish a CSIRT that can be assembled to handle emergencies.

The second stage: detection

Detect whether the event has occurred or is in progress, as well as the cause and nature of the event. Determine the nature and severity of the incident and what dedicated resources are expected to be used to remediate it. Select detection tools, analyze anomalies, improve the monitoring level of system or network behavior, and estimate the scope of security incidents. Through aggregation, determine whether a large-scale incident has occurred across the entire network; determine the emergency level and decide which level of emergency plan to activate.
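As an added illustration that is not part of the original article, the aggregation step described above can be sketched in Python. The alert fields, the sample alerts, the thresholds and the three plan levels are all assumptions; a real emergency plan defines its own.

```python
from collections import defaultdict

# Constructed sample alerts: (network segment, host, alert signature).
SAMPLE_ALERTS = [
    ("branch-a", "10.1.0.5", "worm-propagation"),
    ("branch-a", "10.1.0.9", "worm-propagation"),
    ("branch-b", "10.2.0.7", "worm-propagation"),
    ("hq", "10.0.0.3", "worm-propagation"),
    ("hq", "10.0.0.3", "worm-propagation"),   # repeat alert from the same host
    ("hq", "10.0.0.8", "failed-admin-login"),
]

# Assumed escalation thresholds (hypothetical values).
LARGE_SCALE_NETWORKS = 3   # networks hit before the incident counts as network-wide
MULTI_HOST = 2             # hosts hit before the incident counts as spreading

def summarize(alerts):
    """Group alerts by signature, recording the distinct hosts and networks hit."""
    scope = defaultdict(lambda: {"hosts": set(), "networks": set()})
    for network, host, signature in alerts:
        scope[signature]["hosts"].add((network, host))
        scope[signature]["networks"].add(network)
    return scope

def emergency_level(hosts, networks):
    """Map the estimated scope to a plan level (1 = most severe, hypothetical)."""
    if networks >= LARGE_SCALE_NETWORKS:
        return 1   # large-scale incident across the entire network
    if networks > 1 or hosts >= MULTI_HOST:
        return 2   # spreading: several hosts or more than one network
    return 3       # isolated: a single host

def triage(alerts):
    """Return {signature: (host_count, network_count, level)}, most severe first."""
    result = {}
    for signature, s in summarize(alerts).items():
        h, n = len(s["hosts"]), len(s["networks"])
        result[signature] = (h, n, emergency_level(h, n))
    return dict(sorted(result.items(), key=lambda kv: kv[1][2]))

if __name__ == "__main__":
    for sig, (h, n, lvl) in triage(SAMPLE_ALERTS).items():
        print(f"{sig}: {h} host(s) on {n} network(s) -> activate level {lvl} plan")
```

Counting distinct hosts rather than raw alerts keeps one noisy machine from inflating the estimated scope.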

The third stage: containment

Take timely action to contain the development of the incident.

Carry out a preliminary analysis, focusing on determining appropriate containment methods, such as isolating the network, modifying the filtering rules of all firewalls and routers, deleting the attacker's login account, shutting down the exploited service or shutting down the host, etc.; consult security policies; determine the risks of further operations and keep losses to a minimum; list a number of options and explain their respective risks. The decision should be made by the client. Ensure that the blockade method has the least impact on the business of each network; coordinate and strive for unanimous action by all networks to implement isolation; summarize data to estimate losses and isolation effects.

The fourth stage: eradication

Completely solve the hidden problems. Analyze causes and vulnerabilities; perform security reinforcement; improve security policies. Strengthen publicity, announce hazards and solutions, and call on users to solve terminal problems; strengthen detection work to discover and clean up problems in industries and key departments.

The fifth stage: recovery

The attacked system is restored from backup; a new backup is made; all security changes are backed up; the service is brought back online and continuously monitored. Continue summary analysis to understand the operation status of each network; judge the effectiveness of isolation measures based on the operation status of each network; judge the scale of terminals still affected through the results of summary analysis; notify important users in a timely manner and resolve their problems when appropriate; lift the blockade measures when appropriate.

The sixth stage: follow-up

Pay attention to the security status of the system after recovery, especially where problems have occurred; establish tracking documents and standardize the recording of tracking results; evaluate the effectiveness of the response; incidents that have entered the judicial process will be further investigated to combat illegal and criminal activities.

The above are the response methods that enterprises should refer to when responding to emergencies. For specific business-related matters, the response process can be further refined. In addition, if a major security incident occurs in an enterprise and the internal emergency response team cannot handle it, it can be reported to the National Computer Emergency Response Coordination Center (CNCERT) for processing.