The Research And Application Of A Network Security Configration Detection Model Based On Command

Today, information technology is developing, swift and violent. Sharing data and services are the development tendency of times though internet. More and more enterprises and departments enhance their dependency on internet. Meanwhile, even a small network can presents certain security problems, especially when enterprise and departments' networks expose to internet, they may be made use of by attackers and involved in some legal wrangling, even these networks do not have security requirement. Computer viruses, hacker attacking and some other security problems have influenced enterprises infomatization. If any efforts are not being take, there user may lose confidence about enterprises informatization. So, how to protect network security and prevent attack are desiderate problems to be solved.Now, many network equipment and service providers have noted the severity of network security problems, and provide safety measure in these equipments and services. If users can configure them reasonable, then there may be few problems. But the question is so many users can not configure the equipment and software, so there are potential safety hazard. This is dangerous. So this paper excogitates a network security configuration detection system base on command, this system integrate the advantages of network vulnerability scanner base on host and base on network. More vulnerability will be detected, and it's ease of maintenance and low price, of course, no client will be installed in customers' computer. Easy to expand is also a important advantage. It can scan most frequency network equipments and software, and warns administrators to improve. So most attacking will be prevented.This paper mainly introduces vulnerability and vulnerability scanning technology and compares two kinds of scanner(based on host and based on network).Then security policy of popular network equipments and software will be introduced. At last, a network security configuration detection system based on command is raised. Then the architecture of the model and whole flow of work will be introduced. And then the paper analyzes the function of every module. At last, designing and implementing the system of network security configuration detection based on command. On basis of the vulnerability information, the system can detect operation system, database server, application server, router, switch, and firewall though telnet, SSH and NetBIOS protocol. Eventually, a report about the result of detection will be present to warn users to improve equipment and software's security.