what a good web security co. should do

[7528] 主题： what a good web security co. should do

	作者： leaflet (Leaf)
	标题： what a good web security co. should do
	来自： 61.165..
	发贴时间： 2002年07月07日 14:32:10
	长度： 5038字

	NSFOCUS Security Services Preface Nsfocus research department always keep an eye on the most up-to-date network security vulnerabilities. Specialized teams are formed to study important secu rity topics like Distributed Denial of Service, SUN RPC Remote Overflow, Windo ws NetBIOS Security, Windows IIS security, Buffer Overflow Protection and Init iative Detection of Network Intrusion. A series of achievements have been obta ined, some of which are not only advanced in China but also industry-leading. NSFOCUS development department of security products has the technique and expe rience to develop some high-tech security products like Network Security Scann er, Firewall, Intrusion Detection System(IDS). NSFOCUS expects to release some 　world-class security products in the near future. As well as research and development, NSFOCUS also provide the most integrated and comprehensive service of networks security. Our customers include famous I SP/ICP like Beijing Telegraph Office, Beijing Information Harbor, China.com, S ina, Sohu, 8848 Online Supermarket, Enreach etc, and some big enterprises like 　Galaxy Security, Meitian Yingfu and Konca Groups etc. Being a security integration provider, by offering total network security solu tion, advanced network security technique service and excellent network securi ty products to our customers, NSFOCUS devotes himself to improving the securit y technique and building a “Green Peaceful Network” in China. Services 1、Remote Penetration Test Evaluate security risk from remote penetration test 2、Comprehensive Security Scan Including remote penetration test, local security scan, local security audit a nd total security policy, as well as: Regular local scan and security risk evaluation under the instruction of custo mer’s engineer Regular external scan for host and network to find problems and ensure securit y. 3、CGI Audit Audit of CGI source code for potential or known vulnerabilities. NSFOCUS has individual personnel on security of CGI applications. As well as t esting application developed by customer through black box or white box method s, they can rapidly enhance security service as soon as some new exploitation of CGI and application vulnerabilities is discovered. 4、Integrated Security Advisory NSFOCUS assigns individual personnel to follow the development of security ind ustry. NSFOCUS R&D Department focuses on research of security technique. Security Advisories no less than 12 times a year Regular security publications Other security advisories 5、Overall Security Related Projects Handling Handle overall security related projects 6、Security Training Training of System Administrator Training of Management Staff Training of Ordinary Staff 7、Emergency Respond Stop attacks Restore damaged system Regain normal running of network Check backdoors Conserve evidence Trace intruder 8、Total Solutions Advise on selection of above-mentioned services Provide necessary security products and solutions. 　　 Training of System Administrator Our training courses for system administrator can be divided into 4 parts: Sec urity strategy and management, UNIX system security courses, Network security and firewall configurations, Senior hacking defense courses. Security Strategy and Management Introduction: Brief introduction of the concept of system security, cases and different vulnerabilities. UNIX System Security Course Introduction: Unix system security strategy, example of system security operat ion, acquirement of system security tools, etc. Network Security & Configuration of Firewall Introduction: Introduction of firewall, configuration principle of different f irewalls Senior Training-- Anti-hacking Skill Course Introduction: Thoroughly explanation of stack over flow vulnerability in UNIX/ NT system, IP Spoof，Sniff，Denial of Service，IP hijacking etc. 　 Training of Ordinary Staff Guide of Computer Security Introduction: The enterprise network is a comprehensive and non-stop organism, 　attacking from outside only occupies about 20% of the total attacking resourc e. Security operation is also very important for ordinary staff. Service Process & System 　 Customers Being a leading security service and integration provider, we provide security 　solution, product, Detection, Consulting and Training service to numerous suc cessful enterprises all over China. Our client includes: One of the largest e-business websites in China Most famous human resource website in China Famous e-business & gateway website The largest stockjobber (come from 4 companies) in China ---China Galaxy Secur ities The first & largest online digital develop website in China―Meitian Yingfu Ne twork One of the largest virtual hosting providers―Beijing Wayx Network Technology A Famous ISP/ICP
	========== * * * * * ==========