Nantong Education Technology Center: Hit “Malicious Mining” to Create a Healthy Network Environment for Primary and Secondary Schools

In recent years, under the promotion of Nantong Education Technology Center, the application of modern educational technology has achieved certain results, and it has played an active role in modern educational technology training for teachers, educational informatization construction and educational TV publicity.

With the in-depth application of information technology in primary and secondary education, educational resources such as computers in primary and secondary schools in Nantong have also become the target of network attacks. Network security issues have become the work that Nantong Education Technology Center must pay attention to. Among them, “malicious mining” has increasingly become the main problem faced by the center.

In the centralized rectification of malicious mining and other network attacks encountered by local primary and secondary schools, the key difficulty faced by the Nantong Education Technology Center is that the network exports of each school converge to the Nantong Education Technology Center for unified access to the Internet. After that, all schools need to be checked, and it is difficult to efficiently locate the specific attacked host.

In order to meet the current network security requirements such as “malicious mining” rectification and long-term unified security management and control, and to be able to grasp the security situation of general education units such as primary and secondary schools in real time, Nantong Education Technology Center chose to introduce Weibu Online’s secure DNS gateway OneDNS product . The product is empowered by cloud-based threat intelligence, and utilizes OneDNS’s automated processing capabilities, threat location capabilities, and unified management and control capabilities to help Nantong Education Technology Center quickly, accurately, and efficiently clean up a variety of “malicious mining” Trojans, while effectively detecting and respond to other cyber attacks.

According to reports, after OneDNS receives domain name resolution requests from primary and secondary schools, it first detects through threat intelligence. If it finds mining pools or other malicious domain names, it will block the anti-connection immediately. If the domain name is normal, it will provide normal domain name resolution services.

The application of OneDNS in Nantong Education Technology Center does not change the original network structure, and access is detected and intercepted

Only one week after the product was connected, 3 mining incidents were discovered and located, blocking more than 2,300 mining pool connections. After a comprehensive evaluation, taking advantage of OneDNS’s lightweight deployment characteristics, Nantong Education Technology Center has promoted many local schools and units to access OneDNS service, and has blocked 13 malicious mining behaviors and about 360,000 times in the past month. At the same time, 17 threat events were detected using threat intelligence. By forwarding the DNS request of the core switch of the Nantong Education Technology Center to the Virtual Agent (virtual forwarder), OneDNS provides the ability to locate malware such as mining Trojans, and you can see the specific schools under attack in the unified console, ensuring that Quickly and efficiently carry out “malicious mining” remediation. In addition, through the unified monitoring and management capabilities provided by OneDNS, the Nantong Education Technology Center can view the situation of “malicious mining” and other threat attacks in local primary and secondary schools in real time, and can issue a unified security configuration strategy according to the implementation situation to achieve Safety unified supervision, visible and controllable.

OneDNS unified console graphical interface can locate the school where the lost host is located

Using the OneDNS service, the network security level of relevant units in Nantong City has been effectively strengthened, and a series of network attacks such as mining, Trojan horses, and viruses have been prevented, helping to create a safer and healthier campus network environment. (Kong Fanxin)