what a good web security co. should do

[7528] 主题： what a good web security co. should do

	作者： leaflet (Leaf)
	标题： what a good web security co. should do
	来自： 61.165..
	发贴时间： 2002年07月07日 14:32:10
	长度： 5038字

	NSFOCUS Security Services Preface Nsfocus research department always keep an eye on the most up-to -date network security vulnerabilities. Specialized teams are formed to study important secu rity topics like Distributed Denial of Service, SUN RPC Remote O verflow, Windo ws NetBIOS Security, Windows IIS security, Buffer Overflow Prote ction and Init iative Detection of Network Intrusion. A series of achievements have been obta ined, some of which are not only advanced in China but also indu stry-leading. NSFOCUS development department of security products has the tech nique and expe rience to develop some high-tech security products like Network Security Scann er, Firewall, Intrusion Detection System(IDS). NSFOCUS expects t o release some world-class security products in the near future. As well as research and development, NSFOCUS also provide the mo st integrated and comprehensive service of networks security. Our customers in clude famous I SP/ICP like Beijing Telegraph Office, Beijing Information Harbor , China.com, S ina, Sohu, 8848 Online Supermarket, Enreach etc, and some big en terprises like Galaxy Security, Meitian Yingfu and Konca Groups etc. Being a security integration provider, by offering total network security solu tion, advanced network security technique service and excellent network securi ty products to our customers, NSFOCUS devotes himself to improvi ng the securit y technique and building a “Green Peaceful Network” in China. Services 1、Remote Penetration Test Evaluate security risk from remote penetration test 2、Comprehensive Security Scan Including remote penetration test, local security scan, local se curity audit a nd total security policy, as well as: Regular local scan and security risk evaluation under the instru ction of custo mer’s engineer Regular external scan for host and network to find problems and ensure securit y. 3、CGI Audit Audit of CGI source code for potential or known vulnerabilities. NSFOCUS has individual personnel on security of CGI applications . As well as t esting application developed by customer through black box or wh ite box method s, they can rapidly enhance security service as soon as some new exploitation of CGI and application vulnerabilities is discovered. 4、Integrated Security Advisory NSFOCUS assigns individual personnel to follow the development o f security ind ustry. NSFOCUS R&D Department focuses on research of security techn ique. Security Advisories no less than 12 times a year Regular security publications Other security advisories 5、Overall Security Related Projects Handling Handle overall security related projects 6、Security Training Training of System Administrator Training of Management Staff Training of Ordinary Staff 7、Emergency Respond Stop attacks Restore damaged system Regain normal running of network Check backdoors Conserve evidence Trace intruder 8、Total Solutions Advise on selection of above-mentioned services Provide necessary security products and solutions. 　　 Training of System Administrator Our training courses for system administrator can be divided int o 4 parts: Sec urity strategy and management, UNIX system security courses, Net work security and firewall configurations, Senior hacking defense courses. Security Strategy and Management Introduction: Brief introduction of the concept of system securi ty, cases and different vulnerabilities. UNIX System Security Course Introduction: Unix system security strategy, example of system s ecurity operat ion, acquirement of system security tools, etc. Network Security & Configuration of Firewall Introduction: Introduction of firewall, configuration principle of different f irewalls Senior Training-- Anti-hacking Skill Course Introduction: Thoroughly explanation of stack over flow vulnerab ility in UNIX/ NT system, IP Spoof，Sniff，Denial of Service，IP hijacking etc. 　 Training of Ordinary Staff Guide of Computer Security Introduction: The enterprise network is a comprehensive and non- stop organism, attacking from outside only occupies about 20% of the total att acking resourc e. Security operation is also very important for ordinary staff. Service Process & System Customers Being a leading security service and integration provider, we pr ovide security solution, product, Detection, Consulting and Training service t o numerous suc cessful enterprises all over China. Our client includes: One of the largest e-business websites in China Most famous human resource website in China Famous e-business & gateway website The largest stockjobber (come from 4 companies) in China ---Chin a Galaxy Secur ities The first & largest online digital develop website in China— Meitian Yingfu Ne twork One of the largest virtual hosting providers—Beijing Wayx Netwo rk Technology A Famous ISP/ICP
	========== * * * * * ==========