With internet-based security attacks occurring frequently, web security has become a hot topic in the industry. This article discusses ten reasons why hackers use the web to attack and ten ways to defend against web threats.
Ten reasons why hackers use the web to attack
1. Desktop Vulnerabilities
Internet Explorer, Firefox, and Windows operating systems contain many vulnerabilities that can be exploited by hackers, especially when users do not install patches in a timely fashion. Hackers use these vulnerabilities to download malware code automatically without user consent, also known as a hidden (drive-by) download.
2. Server Vulnerabilities
Because of vulnerabilities and server management configuration errors, Internet Information Server (IIS) and Apache web servers are often used by hackers as an avenue of attack.
3. Web Server Virtual Hosting
A server that hosts several or even thousands of Web sites is also a target for malicious attacks.
4. Explicit/Open Proxies
Hacker-controlled computers can be set up as proxy servers that evade URL filtering and communication controls, provide anonymous Internet access, or act as intermediaries for illegal Web site data streams.
5. HTML can embed objects from completely different servers within a Web page
A user can request a Web page from one specific Web site and, in doing so, automatically download objects from other servers, such as legitimate Google Analytics servers, ad servers, or malware download sites, or be redirected to malware sites.
6. Ordinary users are not aware of the security situation
Most users do not understand the reasons for the three SSL browser checks, do not know how to verify the legitimacy of a downloaded program, cannot tell when their computer is behaving abnormally, do not use a firewall within the home network, and do not know how to distinguish between phishing and legitimate web pages.
7. Mobile code is widely used on the website
Disabling JavaScript, Java applets, .NET applications, Flash, or ActiveX in the browser sounds like a good idea, because they automatically execute scripts or code on your computer, but if you disable these features, many Web sites may not be browsable. This opens the door for poorly coded Web applications that accept user input and use cookies, as in cross-site scripting (XSS). In this case, Web applications that need access to some data (cookies) from other open pages can be confused. Any Web application that accepts user input (blogs, wikis, comment sections) may inadvertently accept malicious code that can be returned to other users, unless the user's input is checked for malicious code.
8. Widespread always-on, high-speed broadband Internet access
Most corporate networks are protected by firewalls, but home users without a network address translation (NAT) firewall are vulnerable to attack: they can lose personal information, have their computer turned into a zombie used for distributed denial-of-service (DDoS) attacks, or end up running a Web server that hosts malicious code, and the home user may not suspect any of this.
9. Universal access to HTTP and HTTPS
Access to the Internet must use the Web, and all computers can reach HTTP and HTTPS (TCP ports 80 and 443) through the firewall. You can assume that all computers have access to the external network. Many programs access the Internet via HTTP, such as IM and peer-to-peer software. In addition, hijacked software opens this channel for sending botnet commands.
10. Use of embedded HTML in e-mail messages
Because the SMTP e-mail gateway restricts the delivery of messages to some extent, hackers do not often send malicious code in the e-mail messages themselves. Instead, the HTML in an e-mail message is used to fetch malicious software code from the Web, and the user may not even know that a request has been sent to a Web site.
Protect the Web gateway, block malicious software
With Web gateway protection, you can block many web attacks. Ensure that your secure Web gateway provides:
URL filtering to prevent malware downloads, phone-home transactions, and mistyped URLs
Malware scanning for viruses, spyware, malicious mobile code (MMC), unwanted software, Trojans, botnets, worms, and so on
Protection for HTTPS network traffic, not just HTTP and FTP
Inspection of the payload for the real file type, instead of trusting the file name extension or other file modifications made to evade checking
Hardening of SSL Browser checks
Prevent access to URLs with IP addresses rather than host names
Allow only executable and mobile code from trusted Web sites
Allow selected users, such as IT administrators, access to files on the gray list of executable files
Automatically download updates from trusted anti-malware providers on a daily basis
Scalable scanning optimized for network traffic, because users are very sensitive to latency
• Avoid rescanning repetitive traffic
• Abnormally large network downloads (>200KB) must not degrade scanning performance for regular network traffic
• Do not waste resources maintaining a large number of active TCP connections (<150)
Secure search on popular web search engines to avoid being directed to malware servers
A choice of scan engines, to better complement your desktop scanning
Don't trust access to Web pages by IP address
Identification of endless data streams, such as Internet radio broadcasts, which never stop and so can never be scanned
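The payload file-type check and the trusted-site rule for executables from the list above, sketched as gateway logic. This is an added example, not part of the original article; the magic-byte table, the extension map and the function names are assumptions chosen for illustration.

```python
import os

# Leading "magic" bytes mapped to the real content type (illustrative subset).
MAGIC = [
    (b"MZ", "pe-executable"),
    (b"\x7fELF", "elf-executable"),
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),          # also docx/jar containers
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
]

# Content types each file name extension is allowed to carry.
EXPECTED = {
    ".exe": {"pe-executable"}, ".dll": {"pe-executable"},
    ".pdf": {"pdf"}, ".zip": {"zip"}, ".docx": {"zip"}, ".jar": {"zip"},
    ".png": {"png"}, ".jpg": {"jpeg"}, ".jpeg": {"jpeg"}, ".gif": {"gif"},
}
EXECUTABLE = {"pe-executable", "elf-executable"}


def sniff(payload: bytes) -> str:
    """Identify the payload from its first bytes, ignoring the file name."""
    for magic, kind in MAGIC:
        if payload.startswith(magic):
            return kind
    return "unknown"


def gateway_verdict(filename: str, payload: bytes, trusted_site: bool = False) -> str:
    """Return 'allow' or 'block:<reason>' for one download."""
    real = sniff(payload)
    ext = os.path.splitext(filename.lower())[1]
    # Executables are only allowed from trusted sites, whatever they are named.
    if real in EXECUTABLE and not trusted_site:
        return "block:executable from untrusted site"
    # A known extension must carry the content it claims, even on trusted sites.
    allowed = EXPECTED.get(ext)
    if allowed is not None and real not in allowed:
        return f"block:extension {ext} but content is {real}"
    return "allow"
```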
Ten ways to defend against web threats
1. Block access to malicious software servers
When a desktop user requests HTTP or HTTPS Web pages from an unknown malicious software server, block the request immediately, saving bandwidth and scanning resources.
2. Limit mobile code to trustworthy sites
Mobile code such as scripts and active code can make the Web richer and more interesting, but hackers also use it to infiltrate desktop computers, running executable code or applications that execute scripts embedded in files.
3. Scanning at the Web gateway
Do not assume that all of your desktops are up to date and run anti-virus programs (AVP), or that visiting computers are perfectly managed. You can easily control all incoming Web traffic (HTTP, HTTPS, and FTP) by scanning centrally as malware attempts to enter your network, rather than after it has reached the desktop.
4. Desktop and Web gateway scanning using products from different vendors
Current attacks are tested against popular AVPs before they are released. Diversity in malware scanning increases the chance of blocking threats.
5. Update desktop and server patches regularly
Most attacks and threats spread by exploiting application and system vulnerabilities. Patching reduces the risk that a known vulnerability poses to your computer.
6. Install anti-virus software and keep it updated
Ever since boot-sector viruses appeared, installing anti-virus software has been standard procedure for checking incoming files and scanning memory and existing files. Any computer running Windows should have the latest anti-virus software installed. If something "bad" has broken through all other network protections, this is the last line of defense. In addition, anti-virus software can be a good defense against malicious software propagated through non-network methods, such as a CD or USB flash drive.
7. Only access HTTPS sites that pass all browser checks
Most users do not understand the importance of the three SSL browser checks, or do not understand that they should not access sites that fail any of the three. The three SSL checks look for an expired certificate, an issuer that is not trustworthy, and a host name mismatch between the certificate and the requested URL.
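To see which of the three checks a site fails, the sketch below maps a TLS verification failure onto them. It is an added example, not part of the original article; it relies on the OpenSSL verification codes that Python exposes as verify_code, and the function names are illustrative.

```python
import socket
import ssl

# OpenSSL X509_V_ERR_* codes grouped by the three browser checks.
CHECKS = {
    10: "expired certificate",   # CERT_HAS_EXPIRED
    18: "untrusted issuer",      # DEPTH_ZERO_SELF_SIGNED_CERT
    19: "untrusted issuer",      # SELF_SIGNED_CERT_IN_CHAIN
    20: "untrusted issuer",      # UNABLE_TO_GET_ISSUER_CERT_LOCALLY
    21: "untrusted issuer",      # UNABLE_TO_VERIFY_LEAF_SIGNATURE
    62: "host name mismatch",    # HOSTNAME_MISMATCH
}


def strict_context() -> ssl.SSLContext:
    """Client context that enforces all three checks (the library default)."""
    ctx = ssl.create_default_context()
    # Never relax these two settings to "make a site work".
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def failed_check(exc: ssl.SSLCertVerificationError) -> str:
    """Name the browser check behind a certificate verification error."""
    code = getattr(exc, "verify_code", None)
    return CHECKS.get(code, f"other verification failure ({code})")


def check_site(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Connect once and report the result of certificate verification."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with strict_context().wrap_socket(sock, server_hostname=host):
                return "passes all three checks"
    except ssl.SSLCertVerificationError as exc:
        return failed_check(exc)
```

Calling check_site needs network access; failed_check can be exercised offline against any captured verification error.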
8. Download executable programs only from trustworthy websites
Social engineering is very active on the Internet! An effective way to distribute malware is to bundle it into seemingly useful programs. Once executed, the malware will do whatever it wants. This type of attack is also known as a Trojan horse attack.
9. Do not access Web sites that use an IP address as the server name
Recent attacks are increasingly taking advantage of home computers with simple Web servers installed. The victim's machine is typically directed to a new home computer server through an IP address instead of a DNS host name. The URL of a legitimate Web site uses the host name.
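A gateway-side version of this rule, which also serves the "prevent access to URLs with IP addresses rather than host names" item in the gateway feature list. It is an added example, not part of the original article; it goes beyond the text by also catching the numeric forms browsers accept (a single integer, hex or octal parts), and the sample addresses come from the documentation ranges.

```python
import ipaddress
import re
from urllib.parse import urlsplit

_PART = re.compile(r"(0x[0-9a-f]+|[0-9]+)\Z")


def _legacy_ipv4(host):
    """Parse inet_aton-style hosts that browsers accept: 1 to 4 parts,
    each decimal, octal (leading 0) or hex (0x); the last part fills
    the remaining bytes. Returns an IPv4Address or None."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4 or not all(_PART.match(p) for p in parts):
        return None
    try:
        nums = [int(p, 16) if p.startswith("0x")
                else int(p, 8) if len(p) > 1 and p[0] == "0"
                else int(p) for p in parts]
    except ValueError:                 # e.g. "08" is not valid octal
        return None
    *head, last = nums
    if any(n > 255 for n in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, n in enumerate(head):
        value += n << (8 * (3 - i))
    return ipaddress.IPv4Address(value)


def ip_literal_host(url):
    """Return the IP address when the URL's host is an IP literal
    (IPv4, bracketed IPv6, or a legacy numeric form), else None."""
    try:
        host = urlsplit(url).hostname  # drops userinfo, port, brackets
    except ValueError:                 # malformed bracketed host
        return None
    host = (host or "").rstrip(".")
    if not host:
        return None
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return _legacy_ipv4(host)


def gateway_blocks(url):
    """Policy from the text: refuse URLs addressed by IP, not host name."""
    return ip_literal_host(url) is not None
```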
10. Carefully enter the URL to avoid errors
Users should never attempt to access a malicious software site, but accidents can always happen. A mistyped URL will usually land you on a site that is waiting for you to arrive. If your browser does not have all the patches installed, you are likely to download malware in the process.