Ten reasons websites get hacked and the corresponding defenses

Source: Internet
Author: User

1. Desktop vulnerabilities

Internet Explorer, Firefox, and the Windows operating system contain many vulnerabilities that hackers can exploit, especially when users do not install patches promptly. Hackers use these vulnerabilities to download malicious code automatically, without the user's approval; this is also known as a hidden (drive-by) download.

2. Server vulnerabilities

Internet Information Server (IIS) and Apache web servers are often used by hackers as a way in, because of vulnerabilities and server administration errors.

3. Web server virtual hosting

Servers that host several or even thousands of websites at the same time are also targets of malicious attack.

4. Explicit/open proxies

A hacker-controlled computer can be set up as a proxy server that evades URL filtering controls on communications and provides anonymous Internet access, or that acts as a go-between for illegal website data streams.

5. HTML can embed objects from entirely different web servers

A user can request a web page from a specific website, only to automatically download objects from legitimate websites such as Google Profile Service, from malware download sites, or be redirected to a malware website.

6. Ordinary users are unaware of the security situation

Most users do not understand the reasons for the three kinds of SSL browser checks, do not know how to verify the legitimacy of a downloaded program, do not know whether their computer is behaving abnormally, do not use a firewall on the home network, and do not know how to tell phishing pages from legitimate web pages.

7. Mobile code is widely used on websites

Disabling JavaScript, Java applets, .NET applications, Flash, or ActiveX in the browser sounds like a good idea, because they all automatically execute scripts or code on your computer, but if you disable these features, many websites become unusable. This opens the door for poorly coded web applications that accept user input and use cookies, as in cross-site scripting (XSS). In this case, web applications that need access to the data (cookies) of other open pages can be thrown into disorder. Any web application that accepts user input (blogs, wikis, comments) can inadvertently accept malicious code that can be returned to other users, unless the user's input is checked for malicious code.

8. Widespread adoption of always-on, high-speed broadband Internet access

Most corporate networks are protected by firewalls, but home users without a network address translation (NAT) firewall are easily attacked and lose their personal information, have their computer turned into a zombie that takes part in distributed denial-of-service (DDoS) attacks, or end up hosting a web server that serves malicious code. A home user may have no suspicion of any of these situations.

9. Universal access to HTTP and HTTPS

Accessing the Internet means using the web, and every computer can reach HTTP and HTTPS (TCP ports 80 and 443) through the firewall. It can be assumed that all computers are able to access external networks. Many programs reach the Internet over HTTP, such as IM and peer-to-peer software. In addition, hijacked software opens a channel for sending botnet instructions.

10. Use of embedded HTML in e-mail

Because SMTP e-mail gateways restrict, to a certain extent, the delivery of messages, hackers do not often send malicious code in e-mail messages. Instead, the HTML in an e-mail message is used to fetch malicious code from the web, and the user may be unaware that a request has been sent to the website.

Ten ways to defend against web threats

1. Block access to malware servers

When a desktop user requests HTTP or HTTPS web pages from a known malware server, block the request immediately, saving bandwidth and scanning resources.

2. Restrict mobile code to trusted websites

Mobile code such as scripts and active code makes the web more interesting, but it also lets hackers penetrate desktop computers and run executable code or applications to execute scripts embedded in files.

3. Scan at the web gateway

Do not assume that all of your desktops are up to date and running an anti-virus program (AVP), or that visiting computers are well managed. Scan centrally, before malware attempts to enter your network rather than once it is already on the desktop, so that all incoming web traffic (HTTP, HTTPS, and FTP) can be controlled easily.

4. Use products from different vendors for desktop and web gateway scanning

Today's attacks are tested against the prevailing AVPs before being released. Diversifying malware scanning increases the chance of blocking threats.

5. Update desktop and server patches regularly

Most attacks and threats spread by exploiting application and system vulnerabilities. Reduce the danger that known vulnerabilities pose to your computers.

6. Install anti-virus software and keep it updated

Since the days of boot-sector viruses, installing anti-virus software has been standard practice for checking incoming files and scanning memory and existing files. Any computer running Windows should have the latest anti-virus software installed. If "bad stuff" has already broken through all other network protection, this is the last line of defense. In addition, anti-virus software is well able to defend against malware that spreads by non-network means, such as CDs or USB flash drives.

7. Only visit HTTPS websites that pass all browser checks

Most users do not understand the importance of the three kinds of SSL browser checks, or do not understand that they should not visit a site that fails any of the three. The SSL checks are for an expired certificate, an untrusted issuer, and a hostname mismatch between the certificate and the requested URL.

8. Download executable programs only from trusted websites

Social engineering is alive and well on the Internet! An effective way to distribute malware is to bundle it with a seemingly useful program. Once executed, the malware can do whatever it wants. This type of attack is also known as a Trojan horse attack.

9. Do not visit websites that use an IP address as the server

Recent attacks increasingly use home computers that have a simple web server installed. The victim's machine is typically directed to the new home-computer server by IP address instead of by DNS hostname. The URL of a legitimate website uses a hostname.
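A gateway rule for this check, as an added example that is not part of the original article: it flags URLs whose host is an IP address, including the legacy numeric IPv4 notations that browsers also resolve. The function names and the sample URLs (documentation address ranges) are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

_NUM = re.compile(r"0[xX][0-9a-fA-F]+|[0-9]+")

def _legacy_ipv4(host):
    """IPv4 address for inet_aton-style notation (1-4 numeric parts), else None."""
    parts = host.rstrip(".").split(".")
    if not 1 <= len(parts) <= 4 or not all(_NUM.fullmatch(p) for p in parts):
        return None
    try:  # each part is decimal, 0x hex, or leading-zero octal
        values = [int(p, 16 if p[:2].lower() == "0x" else
                      8 if len(p) > 1 and p[0] == "0" else 10) for p in parts]
    except ValueError:          # e.g. "08" is not valid octal
        return None
    last_bytes = 5 - len(parts)  # the final part fills all remaining bytes
    if any(v > 255 for v in values[:-1]) or values[-1] >= 256 ** last_bytes:
        return None
    number = 0
    for v in values[:-1]:
        number = (number << 8) | v
    return ipaddress.IPv4Address((number << (8 * last_bytes)) | values[-1])

def ip_literal_host(url):
    """Return the IP address used as the URL's host, or None for a DNS name."""
    host = urlsplit(url).hostname   # lower-cased; IPv6 brackets removed
    if not host:
        return None
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return _legacy_ipv4(host)

def gateway_decision(url):
    ip = ip_literal_host(url)
    return ("ALLOW", "host is a DNS name") if ip is None else ("BLOCK", f"host is IP address {ip}")

# Constructed sample requests (RFC 5737 / RFC 3849 documentation addresses).
SAMPLES = [
    "https://www.example.com/index.html",
    "http://192.0.2.10/update.exe",
    "http://3221225994/update.exe",      # same address as one decimal number
    "http://0xC000020A/update.exe",      # same address in hex
    "https://[2001:db8::1]:8443/login",
]

if __name__ == "__main__":
    print([gateway_decision(u) for u in SAMPLES])
```

A filter that only matches dotted-quad hosts would pass the third and fourth sample URLs, which resolve to the same address as the second.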

10. Type URLs carefully to avoid mistakes

Users never intend to visit a malware site, but accidents always happen. A mistyped URL will often land on a site that is waiting for you to visit. If your browser does not have all patches installed, you may well download malware in a drive-by download.

Protecting web gateways, blocking malware

With web gateway protection, you can stop many web attacks. Ensure that your secure web gateway provides:

-> URL filtering to prevent malware downloads, phone sales and mistyped entries

-> malware scanning for viruses, spyware, malicious mobile code (MMC), harmful software, Trojans, botnets, worms, etc.

-> protection that also covers HTTPS network traffic, not just HTTP and FTP

-> inspection of payloads for the actual file type, rather than reliance on file extensions or other file modifications made to evade inspection

-> hardening of the SSL browser checks

-> blocking of access to URLs that use IP addresses instead of hostnames

-> allowing executables and mobile code only from trusted sites

-> allowing selected users (e.g. IT staff) to access files on a gray list of executable files

-> automatic, regular daily download of updates from trusted anti-malware providers

-> scalable scanning of network traffic, because users are very sensitive to delays

• Prevent repeated traffic from being scanned again from scratch

• Unusually large network downloads (>200KB) should not weaken the scanning of routine network traffic

• Do not waste resources protecting large numbers of active TCP connections (<150)

-> safe search on popular web search engines, to avoid as far as possible being directed to malware servers

-> a choice of scan engines to better complement your desktop scanning

-> no trust in web pages accessed via IP address

-> identification of unbounded data streams, such as Internet radio, which never stop and are never scanned
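The payload-type and gray-list items in the list above can be combined into one content check; the following is an added example, not part of the original article. The extension list, user names, verdict strings and sample payloads are constructed for illustration.

```python
import os
import struct

# Extensions the assumed policy treats as passive content.
PASSIVE_EXTENSIONS = {".jpg", ".png", ".gif", ".txt", ".pdf", ".css"}
# Users allowed to fetch gray-listed executables (hypothetical accounts).
GRAYLIST_USERS = {"it-admin"}

def is_pe(payload):
    """True if the bytes form a Windows PE image: an 'MZ' header whose
    e_lfanew field (offset 0x3C) points at the 'PE' signature."""
    if len(payload) < 0x40 or not payload.startswith(b"MZ"):
        return False
    (pe_offset,) = struct.unpack_from("<I", payload, 0x3C)
    return payload[pe_offset:pe_offset + 4] == b"PE\x00\x00"

def sniff_executable(payload):
    """Name the executable format found in the leading bytes, else None."""
    if is_pe(payload):
        return "Windows PE"
    if payload.startswith(b"\x7fELF"):
        return "ELF"
    if payload.startswith(b"#!"):
        return "script with interpreter line"
    return None

def inspect_download(user, filename, payload):
    """Gateway verdict based on content, not on the claimed file name."""
    kind = sniff_executable(payload)
    ext = os.path.splitext(filename.lower())[1]
    if kind is None:
        return "ALLOW", "no executable signature"
    if ext in PASSIVE_EXTENSIONS:
        return "BLOCK", f"{kind} payload disguised as {ext}"
    if user in GRAYLIST_USERS:
        return "ALLOW", f"{kind} permitted for gray-list user"
    return "BLOCK", f"{kind} not permitted for this user"

# Constructed payloads: a minimal PE header stub and a PNG signature.
PE_STUB = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40) + b"PE\x00\x00"
PNG_HEAD = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16

if __name__ == "__main__":
    print(inspect_download("alice", "holiday.jpg", PE_STUB))
    print(inspect_download("it-admin", "tool.exe", PE_STUB))
    print(inspect_download("alice", "logo.png", PNG_HEAD))
```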

This article comes from http://www.mkddos.com
