Emergency response, hacker intrusion prevention and rescue, intrusion detection
Introduction to emergency response service
Emergency response scope
-
Check whether the host is hacked; -
Investigation of business security incidents such as database tampering and data leakage; -
Handle ongoing attacks to prevent hackers from further attacks; -
Comprehensive search and cleaning of mining programs, viruses, worms, trojans and other malicious programs; -
Comprehensively search and clean the WebShell, dark chain, hanging horse page, etc. in the WEB site; -
Handle exceptions caused by intrusion to help customers quickly resume business; -
Analyze hacker intrusion tactics and find out the reasons for intrusion; -
Analyze the behavior of hackers after invasion and judge the impact of invasion; -
Provide repair suggestions and guide users to strengthen security to prevent re intrusion; -
Provide safety emergency service report -
Unauthorized access, entering the unauthorized access network through intrusion, resulting in data information leakage; -
Information leakage, information leakage caused by data interception, tampering, analysis, etc. during data transmission; -
Denial of service. Normal users cannot access relevant services provided by the server normally; -
Illegal login is found in the system log; -
It was found that computer virus infection broke out in a large area of the network; -
It is found that someone is constantly trying to log into the system; -
Unknown new user accounts appear in the system; -
The administrator receives a warning letter from the system administrator of other sites, indicating that the system may be threatened; -
The access permission of the file is modified; -
System problems caused by security vulnerabilities;
Advantages of emergency response service
-
Experienced -
quick response -
Event analysis -
Professional team
Emergency response process
Emergency response principle
-
Real time principle -
Normative principle -
Confidentiality principle