Basic Concepts
Account Cracking
In account cracking, intruders use diverse methods, such as brute-force attacks and dictionary attacks, to obtain system or application accounts and passwords. Once an account is cracked, intruders may log in to the system without authorization, steal data, and damage the system.
Baseline
A baseline specifies the minimum security configuration requirements for OSs, databases, middleware, and applications in terms of account management, password policy configuration, authorization management, service management, configuration management, network configuration, and permission management.
Weak Password
A weak password can be easily cracked. Once the password is cracked, attackers can directly log in to the system and read, tamper with, or damage system data.
Malicious Program
Malicious programs are designed to attack or remotely control a system. They can be categorized into backdoors, Trojans, worms, and viruses, based on the way they spread. Malware covertly inlays code into another program to run intrusive or disruptive programs and damage the security and integrity of the data on an infected server. HSS reports both identified and suspicious malware.
Ransomware
Ransomware emerged with the Bitcoin economy. It is a Trojan that is disguised as a legitimate email attachment or bundled software and tricks you into opening or installing it. It can also arrive on your servers through website or server intrusion.
Ransomware often uses a range of algorithms to encrypt the victim's files and demand a ransom payment to get the decryption key. Digital currencies such as Bitcoin are typically used for the ransoms, making tracing and prosecuting the attackers difficult.
Ransomware interrupts businesses and can cause serious economic losses. We need to know how it works and how we can prevent it.
Alarms
Security alarms refer to the events reported and recorded by HSS when it detects security threats (such as malicious programs and vulnerability exploits) on servers or containers. They notify users of potential security risks in a timely manner and prompt users to take measures to eliminate the risks, thereby improving the overall system security.
Two-Factor Authentication
Two-factor authentication (2FA) refers to user login authentication using both the user password and a verification code. This enhances account security.
Web Tamper Protection
Web Tamper Protection (WTP) is an HSS edition that protects your files, such as web pages, documents, and images, in specific directories against tampering and sabotage from hackers and viruses.
Cluster
A cluster is a combination of cloud resources, such as cloud servers (nodes) and load balancers, for container running. A cluster can be seen as one or more elastic cloud servers (nodes) in a same subnet. It provides compute resources for running containers.
Node
A node is a server (a VM or PM) that containers run on.
Image
An image is a special file system. It provides not only programs, libraries, resources, configuration files but also some configuration parameters required for a running container. A Docker image does not contain any dynamic data, and its content remains unchanged after being built. During the development, deployment, and running of images, security risks may be introduced, such as known or unknown vulnerabilities and malicious files. If such images are used in the production environment without security check, the system will be highly vulnerable to intrusions, which may cause serious consequences such as data leakage and resource abuse. Therefore, image security is critical to containerized application deployment.
Pod
A pod in Kubernetes is the smallest, basic unit for deploying applications or services. It can contain one or more containers, which typically share storage and networks.
Container
A container is an instance created using an image. Multiple containers can run on a node (host). Containers are essentially processes, but they run in their own separate namespaces, unlike processes that directly run on the host machine.
Container Runtime
Container runtime, one of the most important components of Kubernetes, manages the lifecycle of images and containers. Kubelet interacts with a container runtime through the Container Runtime Interface (CRI) to manage images and containers.
Project
Projects in IAM are used to group and isolate OpenStack resources (computing resources, storage resources, and network resources). Resources in your account must be mounted under projects. A project can be a department or a project team. Multiple projects can be created under an account.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot