Home > Cloud Computing > Cloud Security

Web Ranger: Is your security product secure?

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

I have seen many articles on security product vulnerabilities on several portals over the past few days. I 'd like to say a few words:

One of the top five firewalls in China was passed in a certain evaluation due to security issues.
A buddy once scanned the default password of one of the top three firewalls in China, and then directly opened the FTP
Rising Overflow Vulnerability and accidental File Deletion
Kingsoft drug overlord overflow vulnerability, accidental File Deletion
Kaspersky Overflow Vulnerability and accidental File Deletion
McAfee accidentally deletes a file
Symantec Norton Overflow Vulnerability
......

I met a user who received a call a few years ago and asked for help. The server was unable to access the system. I suspected it was a problem with the security audit client and asked for help. Later, I conducted a simple analysis. The security audit client only used behavior auditing and did not control files. Based on the performance of the server at that time, I felt that a system file was deleted. What was done before the final start? The user said he had upgraded rising ...... Then I came to the rising website to see such a description and found a solution. The problem was solved smoothly.

In many cases, the hardware firewall is used as a gateway and does not change the default user name and password. I don't know how to submit the delivery documents during implementation by the manufacturer?

In a security attack and defense activity, we used a security gateway with VPN for remote access. During the early stage of the activity, the device was frequently disconnected and thought it was a performance problem. Later, a member of the team told me that they directly obtained the root permission by exploiting the security vulnerability of the security gateway, then modify the route information of the other account ...... The other party in the activity is always unable to dial in to the platform ......

In fact, as long as you pay attention to it, you will find that many security devices have many security problems. You have also met several times, but it is also a "hardware device", a streamlined operating system ", and a" Secure Linux "...... They are all the same. Even some security devices have weak root passwords!

If you see this article, you want to test the security of the security device on hand, the simplest: X-Scan or Nessus, upgrade to the latest X-Scan can also be imported into the Nessus library upgrade, is slow.) scan ...... Or weak passwords such as traffic and light may be discovered sometimes!

Why ?! Why ?!

This article from the "Web Ranger Zhang baichuan)" blog, please be sure to keep this source http://youxia.blog.51cto.com/45281/554260

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
what is secure web document how to tell if web page is secure norton security product key is fitbit apple product best secure web hosting f5 secure web gateway trustwave secure web gateway
Related Article
How does personal cloud security guarantee data security?
Cloud security to achieve effective prevention of the future ...
Focus on three major cloud security areas, you know?
Using redis to write webshell

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More