Website intrusion and script attack

Read website intrusion and script attack and defense notes

Incomplete statistics, a network intrusion event occurs every 20 seconds. The global loss is about tens of billions of; 90% of our websites have security issues, and these hackers attack through the Web service port 80 port, Web attacks can change the directory of the site, seriously stealing important customer information.

Common scripting attacks are: SQL Script injection attacks, etc.;

Understand some of the keywords used in SQL: Data tables, records, fields (field), Queries (query), SQL, index (index), and keys (key).

Data table (table): Refers to the framework structure used to hold the actual relevant data, each row of this data table is called a data record, for example: In our site there is a user table, this table may contain name, phone, gender, and many other fields (field). The description of a database is called the database model, and it is made up of all the data tables in the database and all of their fields, relationships, and indexes. The database model defines not only the overall framework of the various data structures involved, but also the data storage format that will be stored here.

Query and SQL: Queries are executed through various SQL directives, which are responsible for the work of filtering and extracting result data.

Index and primary key (primary key): As the amount of data increases, the amount of database data increases, the query speed is often affected by the amount of data, so in order to improve the query speed, it is necessary to establish an appropriate index for the data. Indexing improves speed but there are some problems: increase the amount of space the database file occupies on the hard disk. The index must be updated as the original data changes to make sense, so the index can save time when reading the data, but the index will slow down when entering or modifying the data.

Database Management System is a software that operates and manages databases and is used to establish, use, and maintain databases, referred to as DBMS. The current data model is more important in 3 types: Hierarchical model, network model, and relational model. The database management system based on relational model is called relational database management system, short (RDMS). At the moment, the more famous are: Oracle, Sybase, Microsoft SQL Server, Microsoft Access, Mysql.

Here are a few important SQL statements:

Sql= "SELECT * from table where field name = field value order BY field name [desc]";

Sql= "SELECT * from table where field name like '% field value% ' Order by field name [desc]"

Website intrusion and script attack