Eight reasons why hackers use Web Attacks

Source: Internet
Author: User

With the advent of the Web 2.0 era, major social networking websites have become mainstream interactive media. Hackers, long a mysterious force on the Internet, have kept pace with the times. Most now lean more and more toward Web attack methods, which bypass conventional protections such as firewalls and make attacks easier and more diverse, and therefore harder to defend against.

Hackers generally favor Web attacks for the following reasons:

1. Server Vulnerabilities

Because of vulnerabilities and server management configuration errors, Internet Information Server (IIS) and Apache web servers are often used by hackers for Web attacks.

2. Web server virtual hosting

Servers that host several or even thousands of websites at the same time are also targets of malicious Web attacks.

3. Explicit/open proxy

Computers controlled by hackers can be set up as proxy servers to bypass URL filtering and communication controls, to access the Internet anonymously, or to act as middlemen for illegal website data streams.

4. HTML can embed objects from completely different servers on the webpage.

A user who opens a web page on one website may automatically download objects from other servers: legitimate ones such as Google Analytics servers and ad servers, but also malware download websites. The page may also redirect the user to a malware website.

5. Common client software may be a hacker's testing ground.

Internet Explorer, Firefox, and other browsers, as well as the Windows operating system, contain many vulnerabilities that hackers can exploit, especially when users do not install patches in a timely manner. Hackers can use these vulnerabilities to download malware code automatically without the user's consent, which is also known as a hidden download (drive-by download). As a result, these clients may often end up under a hacker's control, and when they access your website, Web attacks pose risks to your applications.

6. Mobile code and cross-site scripting are widely used on websites.

Disabling JavaScript, Java applets, .NET applications, Flash, or ActiveX seems like a good idea, because they all automatically execute scripts or code on your computer, but if these features are disabled, many websites can no longer be browsed. This opens the door for poorly coded Web applications that accept user input and use cookies, as in cross-site scripting (XSS). In this case, Web applications that need to access some data (cookies) from other open pages may be disrupted. Any Web application that accepts user input (blogs, wikis, and comments) may accidentally accept malicious code, which can then be returned to other users unless the input is checked for malicious code.
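The comment case described above, shown as an added example that is not part of the original article: stored input rendered as-is next to the same input escaped at output time. The comment data, the page template and the function names are constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample input: comments as a blog or wiki might store them.
COMMENTS = [
    {"author": "alice", "body": "Patches & updates matter."},
    {"author": 'bob" onmouseover="alert(1)', "body": "hi"},
    {"author": "mallory", "body": "<script>alert(1)</script>"},
]

TEMPLATE = '<div class="comment" title="{a}">{b}</div>'

def render_unsafe(comments):
    """Vulnerable: stored input is pasted into the page unchanged."""
    return "\n".join(TEMPLATE.format(a=c["author"], b=c["body"]) for c in comments)

def render_safe(comments):
    """Hardened: every stored value is HTML-escaped when it is output.
    quote=True also escapes " and ', which matters inside attributes."""
    return "\n".join(
        TEMPLATE.format(a=html.escape(c["author"], quote=True),
                        b=html.escape(c["body"], quote=True))
        for c in comments
    )

class ActiveContentFinder(HTMLParser):
    """Records markup a browser would execute: <script> and on* handlers."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script element")
        for name, _ in attrs:
            if name.startswith("on"):
                self.findings.append("event handler " + name)

def active_content(page):
    finder = ActiveContentFinder()
    finder.feed(page)
    finder.close()
    return finder.findings

if __name__ == "__main__":
    print("unsafe:", active_content(render_unsafe(COMMENTS)))
    print("safe:  ", active_content(render_safe(COMMENTS)))
```

Escaping at output time keeps the stored text intact while the browser treats it as data; the attribute case shows why the quote characters must be escaped as well as the angle brackets.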

7. General access to HTTP and HTTPS

To access the Internet, you must use the Web. All computers can reach HTTP and HTTPS through the firewall (TCP ports 80 and 443), so it can be assumed that all computers can access the external network. Many programs, such as IM and P2P software, access the Internet over HTTP. In addition, when this software is hijacked, it opens a channel for sending botnet commands, resulting in Web attacks.

8. Embedded HTML is used in emails.

Because SMTP email gateways restrict email sending to some extent, hackers do not often send malicious code in the email itself. Instead, the HTML in the email is used to fetch malware code from the Web, and the user may not know that a request has been sent to a website.
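Reasons 4 and 8 both come down to HTML that makes the client contact servers the user never chose. The following added example (not from the original article) lists those servers for a web page and for the HTML part of an email; the tag table, sample page, sample message and all `.example` hosts are constructed for illustration.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag -> attribute that a client fetches on render, with no click needed.
# Simplification: every <link href> is treated as auto-loading.
AUTO_LOAD = {"img": "src", "script": "src", "iframe": "src",
             "embed": "src", "object": "data", "link": "href"}

class RemoteRefs(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        attr = AUTO_LOAD.get(tag)
        url = dict(attrs).get(attr) if attr else None
        host = urlparse(url).hostname if url else None
        if host:  # relative URLs have no host and stay on the same server
            self.refs.append((tag, host))

def remote_hosts(html_text, own_host=None):
    """Return (tag, host) for each object fetched from another server."""
    parser = RemoteRefs()
    parser.feed(html_text)
    parser.close()
    return [(t, h) for t, h in parser.refs if h != own_host]

def remote_hosts_in_email(raw_message):
    """Same inventory for every text/html part of an RFC 5322 message."""
    found = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            found += remote_hosts(body)
    return found

# Constructed samples (all hosts are placeholders under .example).
SAMPLE_PAGE = ('<script src="https://analytics.example/a.js"></script>'
               '<img src="/logo.png"><iframe src="//ads.example/slot"></iframe>')
SAMPLE_EMAIL = (
    "From: news@shop.example\nTo: user@corp.example\nSubject: Receipt\n"
    'MIME-Version: 1.0\nContent-Type: text/html; charset="utf-8"\n\n'
    '<p>Thanks.</p><img src="http://tracker.example/open.gif" width="1">'
    '<a href="http://shop.example/orders">View order</a>\n')

if __name__ == "__main__":
    print(remote_hosts(SAMPLE_PAGE, own_host="www.site.example"))
    print(remote_hosts_in_email(SAMPLE_EMAIL))
```

The ordinary link in the sample email is not reported because it needs a click; the image is, because a mail client that renders remote content requests it as soon as the message is opened.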

As the common Web attack vectors above show, to avoid becoming the target of these hackers we need a device dedicated to comprehensive protection against Web attacks, deployed as an all-round protection layer that automatically and intelligently identifies and defends against these attacks, rather than one or more traditional passive protection gateways with fixed policies or fixed attack signature libraries.

The Web application firewall emerged to solve this problem. An application firewall works at the application layer, handling requests within the application session, and protects Web application communication streams and all related application resources from Web attacks that exploit Web protocols or application vulnerabilities. It can block browser and HTTP attacks that use application behavior for malicious purposes. Some powerful application firewalls can even act as a proxy that stands in for the website server and accepts application traffic on its behalf, which is like adding a protective insulating shell around the original website.
