Top 10 WEB security attacks and defense methods

At present, some security experts have summarized the Top Ten Causes of cyberattacks in the Web security field. It is recommended that enterprise users solve the problem from ten aspects based on their own situations in order to obtain the best security experience.

Top 10 Web attack causes

First, desktop Vulnerabilities

Internet Explorer, Firefox, and Windows contain many vulnerabilities that can be exploited by hackers, hackers can exploit these vulnerabilities to automatically download malware code without the user's consent-also known as hidden download.

Second, Server Vulnerabilities

Due to vulnerabilities and Server Management Configuration errors, Internet Information Server (IIS) and Apache network servers are often attacked by hackers.

Third, Web server virtual hosting

At the same time, servers hosting several or even thousands of websites are also targets of malicious attacks.

Fourth, explicit/open proxy

Computers controlled by hackers can be set as proxy servers to bypass URL filtering for communication control, perform anonymous Internet access or act as middlemen for illegal website data streams.

Fifth, HTML can embed objects from completely different servers on the webpage.

Users can access the web page from a specific website, and automatically download objects from legitimate websites such as Google analysis servers; AD servers; malware download websites; or redirect users to malware websites.

Sixth, ordinary users do not know the security status

Most users do not understand the reasons for the three SSL browser checks; do not know how to verify the legitimacy of the Downloaded Program; do not know whether the computer is abnormal; do not use the firewall in the home network; I do not know how to distinguish between phishing and legal web pages.

7. Extensive use of mobile code on websites

JavaScript, Java applets ,. NET Applications, Flash applications, and ActiveX open the door for poorly-coded Web applications that accept user input and use Cookies, just as in cross-site scripting (XSS.

Eighth, wide application of broadband access

Most enterprise networks are protected by firewalls. Home users without NAT firewalls are vulnerable to attacks and their personal information is lost. They act as DDoS botnets; install a Web server hosting malicious code-home users may not have any doubts about these conditions.

9. general access to HTTP and HTTPS

To access the Internet, you must use the Web. All computers can access HTTP and HTTPS through the firewall. Many programs access the Internet through HTTP, such as IM and P2P software.

10. Use embedded HTML in emails

The HTML in the email is used to obtain malware code from the Web, and the user may not know that a request has been sent to a website.
Ten ways to defend against Web Attacks

First, block access to malware servers

When a desktop user requests an HTTP or HTTPS webpage from an unknown malware server, the request is immediately blocked, saving bandwidth and scanning resources.

Second, restrict the mobile code to a trusted website.

Mobile Code such as scripts and active code can make the network richer and more interesting, but hackers also penetrate into the desktop computer and run executable code or applications to execute embedded scripts in files.

Third, scan at the Web gateway

Do not consider that all your desktops are up-to-date. They are well managed by running anti-virus programs (AVP) or accessing computers. You need to perform a centralized scan before malware attempts to enter the network rather than before entering the desktop, so as to easily control all incoming Web communication.

Fourth, use products of different vendors for desktop and Web gateway Scanning

The current attacks were tested against popular AVP before they were released. The diversity of malware scans increases the chance of blocking threats.

Fifth, regularly update desktop and server Patches

Most attacks and threats spread by exploiting application and system vulnerabilities. Reduces the risk of known vulnerabilities on your computer.

Sixth, install and update the anti-virus software.

The anti-virus software has been installed as a standard program since the launch of viruses in the boot zone. It is used to check incoming files, scan memory, and current files.

7. Only access the HTTPS website that is checked by all browsers

Most users do not understand the importance of the three SSL browser checks, or do not understand the importance of accessing websites that do not pass all the three checks. The SSL check is an expired certificate; the publisher is untrusted; and the Host Name of the certificate does not match the requested URL.

Eighth, only executable programs are downloaded from trusted websites.

Social engineering is very active on the Internet! An effective way to publish malware is to bind it to seemingly useful programs. After the execution, the malicious software will do whatever it wants. This type of attack is also called a Trojan Horse attack.

Ninth, do not access the website that uses the IP address as the server

Recent attacks are increasingly exploiting home computers installed with simple Web servers. The victim's machine is usually directed to a new home computer server through an IP address instead of a DNS host name. The host name is used for URLs of valid websites.

10. Enter the URL carefully to avoid errors.

Users never try to access malware websites, but accidents always happen. Incorrectly entering a website address will usually log on to some websites waiting for you to visit.