网站安全防护技术讨论（Discussion on website security protection technology）

网站安全防护技术讨论（Discussion on website security protection technology） 网站安全防护技术讨论(Discussion on website security protection technology) Discussion on website security protection technology With the rapid development of the Internet, network security is also very serious. Like a Trojan horse, a virus overrun. Let's have a look again, in 2009 September, the whole mainland has been tampered with 3513 websites, of which the mainland government website in September tampered with 256, although it has declined, but still a lot. Here I mainly analyze why the website has been tampered with, the main reason for being tampered with, I think the most important step is the safety of the site is not enough, very seriously, weak security awareness is the main reason. The second reason is that there are many websites without deploying tamper proof system, or not to deploy the defense system, and the third is our website platform architecture and site click rate is not precise enough and there are still some vulnerabilities, these vulnerabilities will give hackers an opportunity, the last one is the hacking is quite good, and I do not know you in the Internet have a try, some hackers on the Internet search tool is very easy to search, the hacker tool is also very simple and intelligent, to what extent? Say you want to attack the website as long as there is a scan will enter the URL, scan your website and then listed many loopholes, and then tell you what methods of attack at present, the hacker attack is still very serious, this is still a lot of things, not long ago in a CCTV The program, which shows about 09 years Chinese horse industry, and horse income has 10 billion yuan, the Chinese users according to official statistics, more than 3 hundred million of the market is very large, the website sale Trojan program, a program can even sell five thousand to more than ten thousand, also sold at &ldquo ” broiler; server “ broiler ” can be sold for five thousand to ten thousand yuan. Second is an attack on our large web site. There are third factors is the personal behavior, many juvenile whim to overnight, to find some tools on the Internet, in fact, is not a real hacker, is a rookie level, the rookie level, the use of advanced tools to pose a threat to our website, so in this piece of threat to our personal actions too much. Here are two levels of thinking. The first is the database, SQL injection attacks, many of our website and no user access parameter filter, or filter is not strict, the attacker can cause a lot of directly through SQL steal account and password, they can be found in many ways, the expression of which also have the relevant personnel to check the account, after the break, and finally get the database administrator after the password, as long as the database account password can be injected into the Trojan, the hacker attacks accounted for 70%. We look at the horse now, the horse is in the program which hackers secretly implanted Trojan horse, so he can make your computer to download a Trojan horse, also can control your computer, this phenomenon can explain the Trojan horse, for example we open the Sina or the official website, I found and opened a pop-up page a site, another site is not my point, this example is the horse phenomenon, our website has been linked to horse, he let you open another website is the propaganda function, let you click on its website help improve its website click rate, click rate after say some companies find it some do some advertising, click rate can get some income. Another senior horse did what window, very quiet is to implement some illegal procedures, for example in some programs on your computer after you visit the website, imperceptibly your computer has been controlled by others, so the site horse is still very serious, at present 90% different sites have been linked to horse, especially some of the school website the school website, most of the horse. Let's look at hackers, which attack simple processes. First of all, hackers, he will go to understand some of the current security vulnerabilities, they will study hackers, very diligent, They study after they have devoted to these loopholes in the Trojan script, we see the customer information first, landlords JJ youxi.gdwj.gov.cn in addition to the official website to download some mainly through several aspects, one based on Web tampering, the other is the database rectification, its method and means there are many, but the purpose is a. Plug in polling check, we will regularly check, to manually or automatically polling way to read the site's Web site to check, to determine the integrity of web content. Second is the file drive protection, this is still more effective, through the system file bottom drive protection, the realization of web files or folders are not deleted, modified, or found to be tampered with after recovery. Through file driven protection, you can effectively protect the static file, but there is another drawback, it can not protect the dynamic area, can not protect the database, because some of the data to be changed. The WEB core embedded protection is very popular on the web page, it can be very accurate filtering efficiency is very high, a little discovery of web page has been tampered with immediately stop, is to prevent tampering "are not set aside, the benefits of it first, because it is inside, so there is no virus or Trojan off, like us install some anti phishing software, once the virus after entering this software will take you off, but the core embedded technology without this problem, another disadvantage is a little delay, but the delay of user access can be ignored. Here's a tour of the blue web security solution Race blue technology is based on independent research and development as the core, scientific and technological innovation for the purpose of high-tech enterprises, over the years has been concerned about network security product research and development, for many enterprises network security maintenance. Let's see, there are two scenarios. The first scheme protects the site from the attack through WEB, and the second system is anti channeling Change system, the third system is the analysis of the data on the website, can be very intuitive to chart the intuitive form to reflect the site visit made some statements, can clearly understand the current situation of network access, the last is a monitoring service for users, we can do some web site security scanning and security evaluation, and can be found on the website show some security report, say what you have to correct what vulnerabilities last year. Here to talk about these schemes, the first scheme can prevent malicious scanning, prevent malicious upload, prevent the horse, even can filter some charts. The second is a tamper proof system, we can protect the original website files, ensure our website will not tamper with will not be deleted, "whenever we set aside we do some preparation, if it is found that the current page and line backup set aside we have different time, we think the web page has been tampered with, this time we not get web pages run out, and take the initiative to restore and alarm. Third systems we have a data analysis system, this system mainly collect the website data, while the formation of some intuitive statements, statements from our management staff is very easy to know, for example, in May this year, one day a number of visits, visit the page every day, we can from every web access every day, we can also see from the report that visitors from the provinces and cities, and the cities visited more and you can see this. You can also analyze the amount of traffic every day, and even analyze how many times our website has been searched by Baidu and other search engines. Fourth proposed monitoring service, do some protection to your website, mainly for system vulnerability scanning, Trojan scanning, and your disk space, and finally we report, to tell you the efficiency and risk assessment. Through the overall solution, we can prevent your website from being attacked, and it can also prevent the website from being tampered with. Besides, we can make an analysis of your website's visit, Finally, we can also give your website a comprehensive and systematic security monitoring service. I put in some network security recommendations, we still should pay attention to web security, one is the priority among priorities, second to third as backup, update fourth patch, we do some professional firewall, finally we also on risk assessment. Finally, let's talk about something about the web site through today's talk. Thank you all!