Mao Jun: Attack and Defense "Ten Causes and ten results"

At present, some experts have summarized the Top Ten Causes of cyberattacks in the Web security field. It is recommended that you solve the problem from ten aspects based on your own situation, in order to obtain the best security experience.
Top 10 Web attack causes
First, desktop vulnerabilities. Internet Explorer, Firefox, and Windows contain many vulnerabilities that can be exploited by hackers.
Second, server vulnerabilities. Due to vulnerabilities and Server Management Configuration errors, Internet Information Server (IIS) and Apache network servers are often attacked by hackers.
Third, Web server virtual hosting. At the same time, servers hosting several or even thousands of websites are also targets of malicious attacks.
Fourth, explicit/open proxy. Computers controlled by hackers can be set as proxy servers to bypass URL filtering for communication control, perform anonymous Internet access or act as middlemen for illegal website data streams.
Fifth, HTML can embed objects from completely different servers on the webpage. Users can access the webpage from a specific website, download the website from malware, or redirect the website to malware.
Sixth, ordinary users do not know the security status. Most users do not understand the reasons for the three SSL browser checks, do not use firewalls in the home network, and do not know how to distinguish between phishing and legitimate Web pages.
7. Mobile Code is widely used on websites. JavaScript, Java applets,. NET, Flash, and ActiveX open the door for poorly-coded Web applications.
Eighth, broadband access is widely used. Most enterprise networks are protected by firewalls. Home users without NAT firewalls are vulnerable to attacks and their personal information is lost. They act as DDoS botnets; install a Web server hosting malicious code-home users may not have any doubts about these conditions.
9. general access to HTTP and HTTPS. To access the Internet, you must use the Web. All computers can access HTTP and HTTPS through the firewall. Many programs access the Internet through HTTP, such as IM and P2P software.
10. Use embedded HTML in emails. The HTML in the email is used to obtain malware code from the Web, and the user may not know that a request has been sent to a website.
Ten ways to defend against Web Attacks
First, block access to malware servers. When a desktop user requests an HTTP or HTTPS webpage from an unknown malware server, the request is immediately blocked, saving bandwidth and scanning resources.
Second, restrict the mobile code to a trusted website. Mobile Code such as scripts and active code can make the network richer and more interesting, but also allow hackers to penetrate into the desktop computer and run executable code or applications to execute embedded scripts in files.
Third, scan at the Web gateway. Do not consider all desktops as up-to-date. Run the anti-virus program (AVP) or access the computer for comprehensive management. You need to perform a centralized scan before malware attempts to enter the network rather than before entering the desktop, so as to easily control all incoming Web communication.
Fourth, use products of different vendors for desktop and Web gateway scanning. The current attacks were tested against popular AVP before they were released. The diversity of malware scans increases the chance of blocking threats.
Fifth, regularly update desktop and server patches. Most attacks and threats spread by exploiting application and system vulnerabilities. Reduces the risk of known vulnerabilities on computers.
Sixth, install and update the anti-virus software. The anti-virus software has been installed as a standard program since the launch of viruses in the boot zone. It is used to check incoming files, scan memory, and current files.
7. access only HTTPS websites that have been checked by all browsers. Most users do not understand the importance of the three SSL browser checks, or do not understand the importance of accessing websites that do not pass all the three checks. The SSL check is an expired certificate; the publisher is untrusted; and the Host Name of the certificate does not match the requested URL.
Eighth, only executable programs are downloaded from trusted websites. Social engineering is very active on the Internet! An effective way to publish malware is to bind it to seemingly useful programs. After the execution, the malicious software will do whatever it wants. This type of attack is also called a Trojan Horse attack.
Ninth, do not access the website that uses the IP address as the server. Recent attacks are increasingly exploiting home computers installed with simple Web servers. The victim's machine is usually directed to a new home computer server through an IP address instead of a DNS host name. The host name is used for URLs of valid websites.
10. Enter the URL carefully to avoid errors. Users never try to access malware websites, but accidents always happen. If you enter a wrong website, you will usually log on to some websites waiting for you to visit.