With the rapid development of the Internet, network security problems are also very serious. Trojan horses and viruses are rampant. Let’s take a look again. In September 2009, there were 3,513 tampered websites across the entire mainland. Among them, 256 mainland government websites were tampered with in September. Although this has declined, it is still a lot.
Here I will mainly analyze why the website has been tampered with and the main reasons for it. I think the most important step is that website security is not paid enough attention. Weak security awareness is the main reason. The second reason is that many websites have not deployed anti-tampering systems or have not deployed defense systems. The third reason is that our website platform and architecture and the click-through rate of some websites are not rigorous enough and there are some loopholes. These loopholes give hackers an opportunity. The last one is that the current hacking techniques are quite sophisticated, and I don’t know if you have tried it on the Internet. It is easy to search for some hacking tools on the Internet. The current hacking tools are also very simple and intelligent. To what extent? For example If you want to attack a website, just enter the URL and scan it, it will scan your website and list a lot of vulnerabilities, and then tell you how to attack. At present, hacker attacks are still very severe. There are still many such things. In the past Not long ago, there was a program on CCTV. The program mainly talked about the Trojan horse industry in China in 2009, and the revenue from Trojan horses has exceeded 10 billion yuan. According to official statistics, the number of Chinese netizens has exceeded 300 million. This market is very large. Related websites sell Trojan horse programs. , a program can even sell for more than 5,000 to 10,000 yuan. In addition, if you sell a "broiler" server, the "broiler" can be sold for 5,000 to 10,000 yuan.
The second is to cause attacks on our large websites. The third factor is personal behavior. Many Internet teenagers always want to become famous overnight. They find some tools on the Internet. In fact, they are not real hackers, but some levels. At these levels, the use of advanced tools is enough to pose a threat to our website, so There are too many threats to us in terms of personal behavior.
Here are two levels of thinking.
The first is the work of the database. SQL injection attacks. Many of our websites do not have user access parameter filtering, or the filtering is not strict enough. As a result, many attackers can steal accounts and passwords directly through SQL. They can find out the expressions in many ways. There are also relevant personnel accounts, which will be cracked after being found, and finally the database administrator password will be obtained. As long as the database account password is available, Trojan horse injection can be carried out. This accounts for about 70% of hacker attacks.
Let’s take a look at the Trojan horse now. The Trojan horse is when a hacker quietly implants some Trojan horses in the program, so that he can let your computer download some Trojan horse programs and also control your computer. This phenomenon can explain the Trojan horse situation, such as Let's say we open a Sina or official website. When I click on it, I find that the homepage pops up and then opens another website. The other website is not clicked by me. This example is a hacking phenomenon, which means that our website has been hacked. He asked you Opening another website is for publicity, allowing you to help the website that clicks on it to increase the click-through rate of its website. After the click-through rate increases, for example, some companies will find it to do some advertising. If the click-through rate increases, they can get some corresponding income.
In addition, does the advanced Trojan have any windows? It means that it implements some illegal programs very quietly, such as installing some programs on your computer. After you visit the website, you will unknowingly have your computer controlled by others, so the website Hacking is still very serious. At present, 90% of websites have been hacked to varying degrees, especially some school websites. Most school websites have been hacked.
Let's take a look at the simple process of hacking it. First of all, hackers will first understand some of the current security vulnerabilities. They will study hackers very diligently. After they study, they will have Trojan horse scripts specifically for these vulnerabilities. First of all, we see customer information. In addition, there are some mainly through several On the one hand, one is through tampering with web pages, and the other is through rectification of databases. There are many methods and means, but the purpose is the same.
For plug-in polling inspection, we will conduct regular inspections and read the web pages of the site through manual or automatic polling for inspection to determine the integrity of the web page content.
The second is file driver protection, which is relatively effective. Through the underlying driver protection of system files, website files or folders are not deleted or modified, or restored after being found to have been tampered with. The file driver protection method can effectively protect static files, but there is another disadvantage: it cannot protect dynamic areas and databases because some data needs to change.
WEB core built-in protection is very popular. It can filter web pages very accurately and efficiently. It will immediately block the web page when it is discovered that it has been tampered with, that is, it will prevent the tampered web page from being left out. Its first benefit is that it It is internal, so there are no viruses or Trojans that can be shut down. For example, if we install some anti-leak software, once the virus enters, it will shut down your software. However, the core embedded technology does not have this shortcoming. Another shortcoming is that there is a little delay. But currently the delay can be ignored for user access.
Let’s talk about Sailan’s overall website security solution
Sailan Technology is a high-tech enterprise with independent research and development as its core and technological innovation as its purpose. It has been focusing on the research and development of network security products for many years and has provided network security maintenance for many enterprises. Let’s take a look at two solutions. The first solution protects the website from attacks through WEB, and the second system is to prevent channeling.
Tampering system, the third system is the analysis of website data, which can be very intuitive and intuitive in the form of charts to make some reports reflecting the website access status. It can clearly understand the current network access status. Finally, it is a monitoring service. We can analyze the user website Conduct some security scans and security assessments, and provide some security reports on the website, such as what vulnerabilities you have and what problems you corrected last year.
Let’s talk about these solutions. The first solution can prevent malicious scans, malicious uploads, malware, and even filter some charts.
The second is an anti-tampering system that can protect the original files of our website and ensure that our web pages will not be tampered with or deleted. Whenever our web pages are reserved, we will make some preparations. If we find that the web pages are currently reserved, we will contact us directly. When the backup is different, we believe that the webpage has been tampered with. At this time, we do not allow the tampered webpage to flow out, and actively restore and alert the police.
The third system is a data analysis system. This system mainly collects website data and forms some intuitive reports. From the reports, our managers can easily know, for example, the number of visits on a certain day in May this year, and the number of pages visited every day. We can see from the number of visits to each web page every day and from the report which province or city our visitors come from, and which province or city has more visits. You can also analyze the number of visits every day, and even analyze how many times our website has been searched by search engines such as Baidu.
The fourth option proposes monitoring services to provide some related protection for your website, mainly scanning system vulnerabilities, Trojans, and your disk space. Finally, we also have reports to tell you about work efficiency and risks. Evaluate.
Through the overall solution, we can not only prevent your website from being attacked, but also prevent the website from being tampered with. In addition, we can also analyze your website visits. Finally, we can also provide systematic and comprehensive security monitoring services for your website.
Finally, I would like to make some suggestions on network security. First, we should pay attention to website security. The first is the top priority. The second is to make backups. The third is to update patches in time. The fourth is to make some professional firewalls. Finally, we Also on risk assessment. Finally, today’s speech mainly talks about some website aspects. Thank you everyone!
Author Dahai’s personal space This article only represents the author’s views and has nothing to do with the position of Webmaster.com.