Why is it often invaded by the Internet? Explore the cause of vulnerability research

Protocol Design

Security issues are often overlooked

When a general designer is making an agreement, it usually emphasizes functionality first, while security issues are at the last minute, or even beyond the scope of consideration. In the network application environment, the security problem must pay more attention to.

Architecture is on top of other issues

When choosing other base protocols, you must be aware that the protocol is easy to understand and easy to implement. Even if the effort to formulate a sound agreement, if the structure in the tight solid foundation, the results are conceivable. With CERT®/CC (computer Emergencyresponse team, http://www.cert.org/) ca-2001-18 [LDAP] (http://www.cert.org/advisories/ ca-2001-18.html) and ca-2002-03 [SNMP] (http://www.cert.org/advisories/CA-2002-03.html) Two security incidents for example, the cause of the problem is similar ( All result from the BER coding processing problem), but before and after the event is nearly seven months, but the manufacturer does not attach importance to.

Process issues

When designing an agreement, it may not be considered well enough to cause the situation to be handled improperly. such as cert ca-1996-21 TCP SYN Flooding (http://www.cert.org/advisories/CA-1996-21.html) problem.

Design Error

The protocol design error causes the system service to be easily invalidated or vulnerable to attack.

Software implementation

Make a real mistake

Even if the agreement is correct, if an error occurs in the implementation of the agreement, or if the actual person's cognition of the agreement is wrong, it will also lead to a security breach.

Program error

Security vulnerabilities are often caused by poor program writing habits, including the common data length, the lack of input data fault tolerance, the failure to detect possible errors, the assumptions of the application environment, the improper citation module, the lack of detection resources, and so on.

People action

Job Negligence

The most stringent requirements, if the operator is not well trained, or manual operation, will also lead to security vulnerabilities. VeriSign, one of the most important companies in network security, still has a significant security loss due to the negligence of the operator (CERT ca-2001-04).

System Maintenance

Default value is not secure

Many software or operating systems are in a state of extreme insecurity after the installation is complete. The reason behind these preset circumstances is to facilitate the user, admittedly, the user is convenient, but the user referred to here, the scope also contains the virus, worms, Trojan and so on uninvited guests. No wonder "code red", "sircam", "nimda", and so on, can wantonly harass network users.

System not patched

The general software is more or less wrong, diligent repair to let the system from damage.

Shing

You may not want to believe it, but the system that attacks you is usually the system you trust. In the area of your trust (which is often too weak in trust), a less secure system will soon be the springboard for the next attack. The security intensity of a field is equivalent to the security strength of the most insecure system in the field.