Journal of Information Security Research ›› 2019, Vol. 5 ›› Issue (2): 135-144.

• Academic Paper •

Research on Safety Technology Protection of “Eternal Blue” Variant Mining Worm WannaMine

Zhang Dezheng (张德政), Wang Nana (王娜娜)

  1. Institute of Computer Application of Nuclear Industry (核工业计算机应用研究所)
  • Received: 2019-02-14 Online: 2019-02-15 Published: 2019-02-14
  • Corresponding author: Zhang Dezheng

Abstract: As China's informatization continues to advance, information technology is widely used across industries for office work and production. Its rapid adoption has promoted enterprise economic development and technological innovation, but it has also brought very prominent network security problems. Network security threats are gradually shifting from the enterprise's Internet-facing side to affecting and damaging internal office networks, research and production networks, and industrial control systems; among these threats, the harm caused by viruses and Trojans has grown geometrically in recent years. How can enterprises quickly and effectively resist and remove the spread and infection of viruses and Trojans on the internal LAN? Taking the discovery of the “Eternal Blue” variant mining worm WannaMine on an enterprise LAN as an example, this paper describes how the virus spreads and infects hosts, analyzes its attack path and attack characteristics, and, using operating system security hardening techniques combined with practical work experience, proposes a script-based, semi-automated detection and removal method. By verifying the effectiveness of the method, it provides a reference for security operations and maintenance personnel carrying out removal work, and offers some suggestions on the defensive measures enterprises should take against internal LAN security threats in the future.

Key words: network security, Eternal Blue, mining virus, defense measures, security hardening