SSH (Secure Shell) is a widely used network security protocol that replaces insecure methods like Telnet and FTP by encrypting data, authenticating users, and supporting key exchange, with default port 22, various authentication methods, and tools such as PuTTY and OpenSSH for secure remote access.
TLS handshake is the essential process that establishes encrypted communication between a client and server, involving a series of messages such as ClientHello, ServerHello, certificate exchange, key exchange, and verification steps that culminate in a shared secret for secure data transmission.
Metis combines deterministic finite automata conversion, byte‑level RNN training, and knowledge‑distilled random‑forest models to replace traditional regex matching on resource‑constrained network devices, delivering comparable accuracy while achieving up to 74× higher throughput and significant resource savings in DDoS protection and P4 forwarding.
Exposing your public IP address can invite DDoS floods, vulnerability scanning, privacy breaches, and targeted phishing or malware attacks, so you should protect it with firewalls, regular updates, secure VPN connections, and by avoiding public disclosure on social platforms.
The article introduces Metis, an AI‑based solution that replaces traditional regular‑expression matching for network traffic inspection, offering faster, more accurate detection, a compact model deployable on resource‑constrained P4 switches, and significant performance and cost benefits for cloud gateway security.
This comprehensive guide walks through computer networking fundamentals, covering basic concepts, the OSI/TCP‑IP layers, addressing, routing protocols, transport mechanisms, application services, security techniques, wireless LAN technologies, and essential command‑line tools, all illustrated with clear diagrams and examples.
This article explains the principles of the Windows Filtering Platform, outlines functional, compatibility, performance, and security testing techniques for WFP‑based network drivers, and presents a case study on diagnosing throughput issues using filter isolation tools.
XiaoHongShu’s award‑winning Zero‑Trust SASE Office Security Solution integrates all‑in‑one DLP, anti‑virus, identity‑bound access and distributed POPs to replace fragmented agents, delivering real‑time risk control, data‑non‑landing protection, multi‑level disaster recovery, and achieving 100% device coverage, an 80% reduction in data leakage and a 70% internal NPS after one year.
The 20th China Information and Communication Security Conference (CCICS 2023) held on December 1 in Beijing gathered leading academicians and industry experts to discuss emerging security challenges in 5G, AI, privacy computing, large‑model systems, and presented Ant Group’s innovative security parallel‑slice framework for modern digital enterprises.
This article explains the evolution, legal basis, supervising agencies, definitions, core standards, and implementation process of China’s cybersecurity grade protection system, including the transition to the 2.0 framework and the required filing, construction, assessment, and supervision steps.
This article explains the SSH protocol, covering its default port, the step‑by‑step process of establishing a secure connection, the role of symmetric and asymmetric encryption, and how password and public‑key authentication work with tools like PuTTY and OpenSSH.
This article provides a comprehensive overview of China’s cybersecurity grading (等级保护) system, covering its legal foundations, the transition to the 2.0 framework, the core standards, organizational responsibilities, classification procedures, filing requirements, and ongoing supervision.
The Chinese authorities fined the Quark platform 500,000 yuan and ordered NetEase CC to suspend updates to its dance section for seven days after finding massive pornographic content, illegal keywords, and severe breaches of network security laws, prompting both platforms to pledge comprehensive remediation and stricter content controls.
Network port security demands continuous discovery, automated vulnerability scanning, traffic‑baseline anomaly detection, and disciplined governance—including source authentication, first‑packet drop, and lifecycle management—to mitigate DDoS, application‑layer, and exploitation attacks while ensuring minimal‑privilege openings and timely closure.
This guide explains why penetration testers need a target’s true IP, how to detect CDN usage, and provides step‑by‑step techniques—including same‑country queries, sub‑domain probing, DNS history checks, FOFA searches, email reverse lookup, and full‑network scanning—to uncover the real server address.
This article explains what Firewalld is, outlines its key features such as zones, runtime versus permanent settings, services, and dynamic updates, and provides step‑by‑step commands to create firewall rules that limit access to an Nginx server on port 8088 to a single IP address while leaving other ports unrestricted.
This comprehensive guide answers over one hundred fundamental networking questions, covering links, OSI layers, devices, protocols, IP addressing, security measures, cable types, and network topologies to help readers build a solid understanding of computer networks.
This article presents practical Python examples for enhancing network security, covering symmetric and asymmetric encryption, hash functions, password hashing, SSL/TLS communication, SQL injection prevention, XSS mitigation, CSRF protection, and secure password storage to safeguard data and privacy.
This article examines XDP (eXpress Data Path), a Linux kernel eBPF‑based technology that pushes packet processing to the earliest point in the network interface, delivering ultra‑low latency, enhanced security, and flexible custom processing for high‑performance routing, DDoS mitigation, and cloud environments.
This article explains the fundamentals of symmetric and asymmetric encryption, one‑way and trapdoor functions, forward secrecy, TLS handshake, and how the ZA financial app applies a multi‑layered secure communication protocol—including certificate verification, replay protection, payload encryption, and request signing—to achieve robust, high‑performance network security across iOS, Android, and web platforms.
This guide explains how to use Firewalld on CentOS to create zones, services, and rich rules that restrict access to specific ports for designated IP addresses, covering installation checks, rule creation, dynamic updates, and verification commands for comprehensive firewall management.
This guide reviews five popular packet‑capture tools—Savvius Omnipeek, Ettercap, Kismet, SmartSniff, and EtherApe—detailing their features, platform support, licensing, and unique capabilities to help network engineers choose the right solution for traffic monitoring and security analysis.
This step‑by‑step guide shows how to install iptables, clear existing rules, set default DROP policies, allow established connections and loopback traffic, block a specific IP from accessing port 80, save the configuration, and verify that the firewall works as intended.
Chrome’s latest experiment aims to automatically upgrade all HTTP requests to HTTPS, detailing current HTTPS adoption rates, the new HTTPS‑First mode’s automatic upgrades, unsafe download warnings, phased rollout plans, and how users can enable the feature now for a more secure browsing experience.
This article explains the concept and practical applications of forward proxy, outlines its benefits for enterprise network security and access control, compares it with reverse proxy, and provides detailed Nginx configuration examples—including how to expose the client’s real IP—along with common tools and real‑world scenarios.
Even though HTTPS encrypts web traffic, DNS queries, IP address sharing, traffic patterns, cookies, and especially the plaintext TLS handshake—including the SNI field—can reveal which sites you visit, but the Encrypted ClientHello extension can mitigate this leakage.
This article explains how the Linux kernel maintains the SYN (half‑connection) and Accept (full‑connection) queues during the TCP three‑way handshake, describes their size limits, overflow handling, and common defenses against SYN‑flood attacks.
This article provides a comprehensive guide on building a network port scanner using Python, covering implementation principles, code examples, and practical usage instructions.
This guide introduces Scanless, a Python‑based tool that leverages third‑party online scanners to conduct anonymous port scans, explains how to install it via Git and pip, demonstrates command‑line usage and Docker support, and lists the supported scanning services.
Taobao’s open platform gateway has evolved into a modular, decentralized system that uses full asynchronous processing, multi‑cluster deployment, token‑based authentication, and advanced metadata caching to boost scalability, security, and performance while protecting privacy and enabling efficient large‑scale reporting.
This comprehensive guide explains the IPSec security suite—including AH, ESP, and SA protocols—covers encapsulation modes, NAT‑Traversal, MTU fragmentation issues, VPN deployment scenarios, Virtual Tunnel Interfaces, and provides step‑by‑step StrongSwan configuration and testing procedures.
This comprehensive guide explains the CIAA security model for network transmission, details confidentiality, integrity, authentication, and availability, and walks through building a private CA with OpenSSL, configuring TLS 1.2/1.3, HTTPS authentication modes, SNI/ESNI extensions, and upgrading curl for HTTP/2 support.
This article explains how to create a Python‑based network port scanner that probes a target host, uses sockets and multithreading to detect open TCP ports, and provides clear usage instructions, sample code, and optional enhancements for faster or more comprehensive scanning.
This comprehensive guide explains intrusion detection and prevention systems, firewalls, waterwalls, Netfilter, and essential Linux firewall tools such as iptables, firewalld, and nftables, covering their architectures, command syntax, rule management, NAT, and packet capture with tcpdump.
NetSet is an automated tool that routes all network traffic through Tor, installs DNSCrypt‑proxy for DNS protection, offers a terminal multiplexer, and provides utilities such as proxy scraping, MAC spoofing, and OPSEC resource access, with simple installation via Git and command‑line options.
This article explains what firewalls are, how they inspect network traffic, the various deployment and operational types—including hardware, software, cloud, packet‑filtering, stateful, proxy, and next‑generation firewalls—and their respective advantages and disadvantages.
This article explains what a VPN is, how it works, its legal status across countries, common misconceptions about privacy, its role as a proxy, and tips for choosing a trustworthy VPN provider.
This guide explains Linux firewall fundamentals, comparing the static iptables and dynamic firewalld tools, detailing their tables, chains, control actions, command‑line syntax, zone concepts, rich rules, and graphical configuration, while highlighting practical tips and common pitfalls.
This article reviews the ten most popular vulnerability scanning tools—including OpenVAS, Tripwire IP360, Nessus, and others—detailing their key features, scanning capabilities, deployment options, and typical use cases to help security professionals choose the right solution for network and application vulnerability assessment.
On March 10, Shanghai’s telecom and internet regulators held a summary conference for the 2022 “Panshi Action” cyber‑attack‑defense drill, where Xiaohongshu ranked third among 123 defending teams, earning awards for excellence and progress while showcasing its incident‑response and traceability capabilities.
The 2022 Shanghai "Panshi Action" cybersecurity drill, organized by multiple municipal regulators, brought together 30 top security teams to test the defenses of 123 telecom and internet firms, resulting in awards, policy insights, and a call for stronger collaborative security measures across the city’s digital ecosystem.
This article compiles two extensive collections of network security interview questions—93 and 71 items respectively—covering topics such as SQL injection, XSS, CSRF, DDoS, protocol fundamentals, cloud security, penetration tools, and incident response, providing a comprehensive resource for anyone preparing for a security engineering role.
This article explains VLAN technology, its IEEE 802.1Q standard, logical network segmentation methods, key benefits such as flexibility, broadcast control and security, and provides a detailed, command‑line configuration example for a medium‑size enterprise network.
This article introduces iptables, explains its core concepts such as chains, rules, and tables, demonstrates common commands for listing, adding, deleting, and modifying rules, and presents a step‑by‑step firewall configuration case for securing jump‑hosts on CentOS systems.
This guide reviews the ten leading vulnerability scanning solutions, detailing each tool's key features, deployment options, and how they help organizations detect and remediate security weaknesses across networks, servers, cloud and container environments.
This guide walks you through enabling firewall services, adding permanent ports, and reloading rules on CentOS 7 using firewalld, as well as editing iptables files and restarting the firewall on CentOS 6, complete with command examples and common pitfalls.
The article examines DNS fundamentals, compares DNSSEC and HTTPDNS, outlines their workflows, advantages, and drawbacks, and details a custom IP‑scoring mechanism using Cronet to improve reliability and security for mobile network requests.
This article explains why HTTP is insecure, how HTTPS uses encryption, integrity checks, digital certificates, and a hybrid of symmetric and asymmetric cryptography, and details the SSL/TLS handshake process that secures data transmission over the web.
This article provides concise explanations for over 100 fundamental networking questions, covering topics such as link types, OSI layers, protocols, IP addressing, network devices, topologies, security measures, and configuration tools, offering a quick reference for students and professionals seeking a solid networking foundation.
This article demonstrates how to use Python's pywifi library to script a Wi‑Fi password brute‑force attack, improves the tool with command‑line and graphical interfaces built with Tkinter, and discusses scanning nearby networks, flexible dictionary selection, and future multithreading enhancements.
This article explains Linux connection tracking (conntrack), its implementation in Netfilter, and provides detailed instructions for using iptables—including rule queries, additions, deletions, modifications, saving, loading, match extensions, custom chains, and logging—to manage firewall behavior and network security effectively.
This article provides a comprehensive overview of iptables, detailing its host‑type filter table, limitations, the four main tables (filter, nat, mangle, raw), their respective chains, common command examples, and explains NAT concepts such as SNAT, DNAT, and MASQUERADE for Linux network security.
This article examines a recent 1.2 Tbps DDoS assault on a major UCloud client, detailing the attack timeline, mixed flood and connection‑exhaustion techniques, geographic and device source distribution, and UCloud’s comprehensive mitigation strategies and best‑practice recommendations for robust information security.
This comprehensive guide covers fundamental networking topics such as links, OSI layers, backbone networks, LANs, routers, protocols, IP addressing, security measures, cable types, and various network topologies, providing clear explanations for each concept.
The article introduces the F5 Cloud Egress Services (CES) solution, detailing its architecture, component composition, policy scopes, tenant isolation, and the extensive capabilities it provides for dynamic egress traffic control, security, and observability within Kubernetes clusters using Kube‑OVN.
This guide explains step‑by‑step how to check firewall status, enable firewalld, open specific ports, reload or restart the firewall, and modify iptables on CentOS 6 and 7, including useful commands and common pitfalls.
This article explains how to use the iptables hashlimit module to create a stateful rate‑limiting chain, details the required commands, clarifies the meaning of the --hashlimit‑upto and --hashlimit‑burst parameters, and provides an example illustrating credit‑based packet acceptance.
The paper systematically analyzes the Sliver C2 framework’s HTTP and HTTPS traffic, detailing URL, cookie, and parameter patterns as well as JA3/JA3S TLS fingerprints, and presents validated Snort and Suricata rules that reliably detect Sliver beacons while highlighting evasion challenges and broader applicability to emerging malware tools.
This guide explains how to enhance Kube‑OVN with Cilium’s eBPF‑based networking and security features by using CNI chaining, covering prerequisites, configuration changes, Helm deployment steps, verification commands, and useful reference links for a complete cloud‑native networking solution.
This article explains the fundamentals of Distributed Denial of Service attacks, covering their definition, key characteristics, common motivations, classification by technique and protocol layer, current attack statistics, target industries, and emerging trends shaping the future of DDoS threats.
This article provides a comprehensive overview of network security, covering passive and active threats, cryptographic models, digital signatures, authentication methods, key distribution, firewalls, and intrusion detection systems, highlighting essential concepts and practical defenses.
This article examines the inherent security flaws of plain HTTP, proposes four solution approaches, and explains why the fourth—combining digital certificates, asymmetric and symmetric encryption—forms the basis of HTTPS, then details TLS 1.2 handshake steps, cryptographic primitives, and practical implementation considerations.
An overview of essential Linux firewall solutions—including iptables, IPCop, Shorewall, UFW, Vuurmuur, pfSense, IPFire, Smoothwall, Endian, and ConfigServer—covers their core functions, key features, and typical use cases, helping administrators choose the right tool for network protection.
The article examines how rapid AI adoption, AIOps, and hybrid‑work infrastructure investments are reshaping enterprise networking, security, and automation, highlighting AI‑powered assistants that can troubleshoot networks, the rise of SASE, and future trends toward human‑level AI performance.
This article explains the HTTPS protocol, its security advantages over HTTP, and provides a step‑by‑step Wireshark packet capture and analysis of a test website, covering TCP three‑way handshake, TLS ClientHello/ServerHello, certificate verification, key exchange, and encrypted data transmission.
This guide shows how to use iptables to allow only a designated IP address to access a host's port 80, how to apply the same restriction to Docker containers by adding rules to the DOCKER-USER chain, and how to make the settings persistent across reboots.
The article explains that HTTPS does encrypt the full HTTP request—including the URL—by encrypting both headers and body, while the domain name can still be seen in the TLS handshake via SNI, and it details how TLS record protocol ensures data integrity through MAC and encryption.
This article outlines the current state of network security in China, the government's strong emphasis on it, the legal framework, the necessity of incident response, detailed emergency‑response procedures, Ziru's own security program, and three illustrative case studies including Log4j2, a 2021 drill, and a FastJson vulnerability.
This comprehensive FAQ explains key information‑security concepts, covering white‑hat hacking, IP vs MAC addresses, common penetration‑testing tools, hacker types, footprinting methods, brute‑force, DoS, SQL injection, sniffing, ARP spoofing, MAC flooding, rogue DHCP, XSS, Burp Suite, pharming, defacement, website protection, keyloggers, enumeration, NTP, MIB, password‑cracking techniques, attack stages, and CSRF mitigation.
This article explains the fundamentals of HTTP and HTTPS, covering the protocol structure, common request methods, request and response message formats, differences between GET and POST, response status code categories, a full HTTP transaction flow, and the encryption mechanisms and drawbacks of HTTPS.
This article reviews the ten most popular vulnerability scanning tools, describing their key features, deployment options, and how they help identify and remediate security weaknesses across servers, networks, cloud and container environments.
This article explains the fundamentals of HTTP and HTTPS, covering request and response structures, common methods, differences between GET and POST, response codes, the complete request flow, and how HTTPS adds SSL/TLS encryption for secure communication.
This article provides a comprehensive guide to iptables, explaining its hierarchical structure of tables, chains, and rules, detailing the built‑in tables (filter, nat, mangle, raw) and their chains, describing rule syntax and target actions, and offering practical command examples for listing, flushing, saving, setting default policies, and configuring SSH, HTTP, NAT, and IP‑based restrictions.
This article explains what a firewall is, how it isolates risk zones from safe zones, its working principles, the typical architecture involving screening routers and proxy servers, and the key security functions it provides for protecting network communications.
This article provides two comprehensive collections of network security interview questions, totaling 164 real‑world questions that cover fundamentals such as SQL injection, XSS, CSRF, protocol basics, cryptography, penetration testing techniques, and incident response, helping candidates prepare effectively for technical interviews and increase their chances of landing high‑pay offers.
This article explains how Kube-OVN leverages OVN/OVS to provide pod port security and OpenStack‑style security groups through custom CRDs, annotations, address sets, and ACL rules, detailing the underlying mechanisms and workflow for managing network security in Kubernetes.
The article reviews the five‑year impact of China’s Cybersecurity Law, highlights progress in legal‑driven security governance, and details Ant Group’s advanced network and data security architectures, privacy‑preserving computing techniques, and collaborative recommendations for tackling emerging cyber threats.
This article explains how to secure cross‑data‑center traffic by applying TLS principles, setting up a private Certificate Authority, generating self‑signed certificates with OpenSSL, configuring mutual TLS (mTLS) on Nginx proxies for both HTTP and TCP streams, and verifying the setup with curl and redis‑cli commands.
This article showcases five cutting‑edge open‑source projects—from a ROS‑based system that lets a gamepad animate facial muscles, to AI‑driven video inpainting, text‑to‑image generation, eye‑gaze computer control, and a comprehensive Wi‑Fi cracking toolkit—each pushing the boundaries of modern tech.
This article explains the zero‑trust security model, its dynamic trust evaluation, common SDP components, three implementation approaches (application‑layer proxy, traffic‑layer proxy, hybrid), deployment scenarios for office, remote and data‑center environments, and practical steps for successful adoption.
This article provides a comprehensive overview of SSL VPN technology, covering its encryption principles, limitations of IPSec, virtual gateway functions, web proxy, file sharing, port forwarding, network expansion modes, endpoint security checks, certificate‑based authentication methods, typical application scenarios, and step‑by‑step configuration procedures.
The article presents a comprehensive case study of the Magic Butler system—a zero‑trust security management solution developed by 58 Group’s TEG department—detailing its business drivers, design principles, architecture, key technical features, deployment scale, and future outlook for enterprise network security.
This guide explains how to use firewalld on CentOS 8, covering zones, services, runtime vs permanent rules, common commands for starting, stopping, and reloading the firewall, as well as adding, removing, and forwarding ports and rich rules.
This article explains the SSH protocol, covering its default port, the step‑by‑step handshake process—including connection establishment, version and algorithm negotiation, key exchange, and user authentication methods—while also describing common clients like PuTTY and OpenSSH and the role of symmetric and asymmetric encryption.
This article provides a comprehensive overview of SSL VPN technology, detailing its advantages over IPSec, core functions such as virtual gateways, web proxy, file sharing, port forwarding, network extension, endpoint security, logging, authentication methods, typical application scenarios, and step‑by‑step configuration procedures.
This article provides a comprehensive analysis of Zero Trust security, explaining its core principles, SDP‑based architecture, various implementation models—including user‑to‑resource and service‑to‑service schemes—deployment options, practical use cases, and guidance for successful enterprise adoption.
This article provides a comprehensive overview of zero‑trust security, explaining its core principles, architectural models such as SDP, various implementation approaches (application‑layer proxy, traffic‑layer proxy, hybrid), deployment patterns for office and multi‑branch environments, practical rollout experience, and how zero‑trust integrates with existing security products.
This article provides a comprehensive overview of zero‑trust security, explaining its core principles, SDP‑based architecture, three main implementation models (application‑layer proxy, traffic‑layer proxy, and hybrid), various deployment scenarios, and practical guidance for enterprise adoption.
This tutorial walks through setting up a three‑host Linux environment, using Docker, sar, hping3, tcpdump and iptables to reproduce a SYN‑Flood DDoS attack, analyze its impact, and apply kernel and firewall tweaks to mitigate the attack.
This article explains the SSH protocol, covering its default port, the step-by-step connection process—including version and algorithm negotiation, key exchange, and user authentication—along with practical guidance on using PuTTY, OpenSSH, and SSH key management.
During Shanghai's COVID lockdowns, securities firms deployed round‑the‑clock IT staff, AI‑driven automation tools, and backup data centers to ensure uninterrupted trading operations and secure online services for millions of investors.
This tutorial explains how to create a lightweight Python port scanner using only standard libraries, covering required imports, command‑line host input, a full‑range port loop with socket connections, result handling, and runtime measurement, all within a concise 20‑line script.
The article explores the evolution of the Internet from IPv4 to IPv6 and IPv6+, highlighting how next‑generation protocols, AI, SDN, and enhanced security create a more convenient, open, intelligent, and trustworthy digital ecosystem.
This article introduces Tailscale, a WireGuard‑based virtual networking tool, explains its key security features, shows how to install and configure it on various platforms, and outlines practical use cases such as file transfer, remote development, and network proxying.
This article details how the Kube-OVN community extended the CNI for edge cloud scenarios by adding security‑group based access control, high‑availability virtual IP support, live‑migration‑friendly networking, and smart‑NIC hardware offload, including implementation steps, CRD designs, and relevant pull‑request references.
The article explains how Kube‑OVN can create a flexible, efficient, and secure cross‑Kubernetes‑cluster network plane to meet user demands such as high availability, multi‑cloud separation, disaster‑recovery, and hybrid‑cloud compliance, and demonstrates its use with TiDB, MySQL, and WordPress workloads.
DNSPod’s GM DoH, the first Chinese DNS‑over‑HTTPS service to employ national SM2 cryptographic algorithms and certificates, upgrades the traditional TLS handshake by encrypting the pre‑master secret with SM2 keys, thereby filling a critical gap in China’s secure networking infrastructure and enhancing national network security.
This article examines the evolving requirements of future networks, proposing a precise‑connection architecture, flexible plug‑in forwarding, compute‑network integration, and inherent security mechanisms to support diverse quality‑of‑service demands across layers, while outlining control‑plane and data‑plane designs for scalable deployment.
This guide explains how to protect a shared development TCP port—used as a sidecar proxy for a Unix Domain Socket—by applying per‑IP rate limiting with iptables' hashlimit module, including full command examples, parameter details, and practical calculations.
This article provides a concise tutorial on using iptables to reset, delete, flush, list, and configure firewall rules on a Linux node, covering port blocking, IP blocking, rule negation, multi‑port matching, stateful filtering, and default policies.
