There are many kinds of attacks, which can actually be categorized into two types: Data destruction type and service failure type.
Data destruction type generally through intrusion, infiltration, etc. into the server inside, directly resulting in data theft, delete, etc., this kind of general by blocking various loopholes, do a good job of data backup to prevent. Confidential data to use security encryption measures, the original and ciphertext must not be put together. Service failure of the common DDoS, it seems that there is no bar to see the shadow of the means to defense. But basically a person kind of no matter, hehe.
The website is hacked from the form into the Web attack and the system attack, the Web attack mainly uses the website's script flaw to carry on, the system attack is carries on to the website's server's flaw, also includes the application software loophole.
Let's take a look at the illegal access records of the site www.114mulu.com (114 Site Directory) during the time of our weekly test:
/robots.txt
/mirserver.rar
/come.asp
/web.rar
/www.zip
/www.rar
/wwwroot.rar
/wwwroot.zip
/web.zip
/tomdb.mdb
/packet.mdb
/hsh.mdb
/upfile_flash.asp
/hytop.mdb
/mirserver1.rar
/ewebeditor/admin_login.asp
/eweb/admin_login.asp
/admin/editor/admin_login.asp
/admin/webedit/admin_login.asp
/admin/htmledit/admin_login.asp
/ewindoweditor/admin_login.asp
/admin888/ewebeditor/admin_login.asp
/admin/uppic.asp
/asp_bin/webeditor/admin_login.asp
/admin/eweb/admin_login.asp
/webadmin/ webaction/admin_login.asp
/webeditor/admin_login.asp
/userreg.asp
/admin/edit/admin_login.asp
/ manage/webeditor/admin_login.asp
/manage/editor/admin_login.asp
/qq.txt
/data/ewebeditor/admin_ Login.asp
/redirect.asp
/webedit/admin_login.asp
/newsadmin/ubb/admin_login.asp
/htmledit/admin_ Login.asp
/cmseditor/admin_login.asp
/admin/ewebeditor/admin_login.asp
/htmleditor/admin_login.asp
/editor/admin_login.asp
/lavery_edit/admin_login.asp
/admin/pro_admin/htmledit/admin_login.asp
/ include/upfile_flash.asp
/edit/admin_login.asp
/admin/webeditor/admin_login.asp
/manage/ewebeditor/ admin_login.asp
/admin/southidceditor/admin_login.asp
/manage/edit/admin_login.asp
/admins/upfile_ flash.asp
/qq.asp
/log.txt
/myup.asp
/mirserver2.rar
/admin/upfile_flash.asp
/diy.asp
/% e7%89%88%e6%9c%ac.rar
/bbs/cmd.asp
/shell.asp
/mirserver4.rar
/css.asp
/muonline.rar
/ Mirserver5.rar
/bbs/myup.asp
/mirserver3.rar
/xiao.asp
/bbs/css.asp
/pass.txt
/cmd.asp
/ Wolserver.rar
/bbs/diy.asp
/mima.txt
/log.asp
/password.txt
/servusu.asp
/ftp.txt
/onews.asp
/aspadmin_a.asp
/123.txt
/bbs/digshell2.asp
/tmdqq.asp
/123.rar
/web.config
/htdocs.rar
/data/dvbbs8.mdb
/ewebeditor/db/ewebeditor.mdb
/mirserver11.rar
/111.rar
/bbs/ Servu.aspx
/%e8%80%81%e5%8c%ba.rar
/bbs/data/dvbbs7.mdb
/fckeditor/editor/fckeditor.html
/ aspadmin.asp
/data/data.mdb
/digshell2.asp
/conn.asp
/sql.rar
/beifen.zip
/bbs/data/ Dvbbs8.mdb
/bbs/servu.asp
/data/link.mdb
/data/dvbbs7.mdb
/jinhuqq2007.txt
/otype.asp
/ Images/loading.gif
/conn.asp.bak
/upfile_flash1.asp
/aaa.asp
/cmirserver.rar
/servu.aspx
/% E5%a4%87%e4%bb%bd.rar
/admin/htmledit/db/ewebeditor.mdb
/inc/conn.asp
/jinhuqq.txt
/bbs/data/ Dvbbs6.mdb
/linki
/beifen.rar
/manage/login.asp
/shaoerjiaoyu/427.asp
/fck/editor/ fckeditor.html
/fckeditor/editor/filemanager/browser/default/browser.html
/qq2008jh.txt
/%e6%96%b0%e5 %8c%ba.rAR
/1.rar
/editor/editor/fckeditor.html
/data.asp
/digshell0.asp
/su.asp
/mhxy/data.asp
/bbs/databackup/dvbbs7_backup.mdb
/caches/tempcaches/5a/pagerank/style_1_common.css
/database/ Adsfkldfogowerjnokfdslwejhdfsjhk.mdb
/kzcamirserver.rar
/ewamhsh.mdb
/geujmirserver.rar
/ Hedawwwroot.zip
/thxzwww.rar
/htmledit/xofoadmin_login.asp
/vnxflog.asp
/slflmirserver3.rar
/ Pmmiwwwroot.zip
/fckeditor/editor/filemanager/connectors/asp/xhncconnector.asp
/kgqh111.rar
/ prwhuserreg.asp
/zqnqmirserver.rar
/klcoservusu.asp
/htmleditor/dxzzadmin_login.asp
/bbs/ taundiy.asp
/gawrcss.asp
/itxymirserver5.rar
/yiqi/404.asp
/cpanel
/admins/filfupfile_flash.asp
/rmzzmirserver.rar
/bbs/data/zzspdvbbs6.mdb
/webadmin/webaction/byxyadmin_login.asp
/vsjgftp.txt
/ggfawwwroot.zip
/vtmzqq2008jh.txt
/wqabhtdocs.rar
/mszaweb.zip
/zvoymirserver.rar
/ admin888/ewebeditor/uivoadmin_login.asp
/admin/htmledit/mpxuadmin_login.asp
/data/mshedata.mdb
/fck/ Editor/yzvkfckeditor.html
/asp_bin/webeditor/mhntadmin_login.asp
/bbs/data/owvcdvbbs8.mdb
/data/hwuidvbbs8.mdb
/ Rhitpacket.mdb
/include/oezaupfile_flash.asp
/data/ewebeditor/vmwvadmin_login.asp
/data/jntudvbbs7.mdb
/eweb/hofvadmin_login.asp
/hecpmima.txt
/bbs/zrvsmyup.asp
/zmddbeifen.rar
/database/ushuadsfkldfogowerjnokfdslwejhdfsjhk.mdb
/hidzwww.rar
/hczfbeifen.zip
/vglymirserver2.rar
/girmsql.rar
/data/ewebeditor/hghjadmin_login.asp
/fzwkmirserver.rar
/admin/webedit/nrjnadmin_login.asp
/jandhsh.mdb
/uwocmirserver5.rar
/rgkpwwwroot.rar
/admin/pro_admin/htmledit/owubadmin_login.asp
/admin/ewebeditor/zazuadmin_login.asp
/bdcjmirserver.rar
/ewebeditor/tcqqadmin_login.asp
/admin/webedit/ldvdadmin_login.asp
/wdgimirserver2.rar
/admin/eweb/zcwvadmin_login.asp
/admin888/ewebeditor/bdmaadmin_login.asp
/sqwgqq.asp
/gjlzmirserver.rar
/data/dvbbs6.mdb
/ecdutomdb.mdb
/admin/htmledit/cexyadmin_login.asp
/jqzsweb.zip
/htmledit/zyjjadmin_login.asp
/lkdxweb.rar
/webeditor/fvehadmin_login.asp
/vbwhmirserver.rar
/admin888/ewebeditor/pavoadmin_login.asp
/lwepcmd.asp
/edit/mysnadmin_login.asp
/admin/wvhnuppic.asp
/data/dcygdvbbs6.mdb
/ttweweb.rar
/awpnwwwroot.rar
/webeditor/ignfadmin_login.asp
/ttlsweb.config
/bptlweb.rar
/webedit/kjcqadmin_login.asp
/ebdxmirserver.rar
/newsadmin/ubb/eweiadmin_login.asp
/xrdk%e8%80%81%e5%8c%ba.rar
/ewebeditor/db/ldrwewebeditor.mdb
/bbs/yuqrcmd.asp
/editor/hzsdadmin_login.asp
/vnyomirserver.rar
/editor/qizvadmin_login.asp
/manage/edit/olpjadmin_login.asp
/unzxwwwroot.rar
/wrrkpassword.txt
/rpzomirserver.rar
/oubpwww.rar
/bbs/vwqtdiy.asp
/zqejdiy.asp
/kocediy.asp
/yrufdata.asp
/tool114la.gif
/admin/editor/db/ziqxewebeditor.mdb
/edit/pfujadmin_login.asp
/admin/editor/ucjyadmin_login.asp
/dfinweb.zip
/mqoomirserver4.rar
/bbs/owhscss.asp
/xwkdmyup.asp
/lavery_edit/mrjoadmin_login.asp
/admin/mpxbuppic.asp
/webeditor/rjhnadmin_login.asp
/xbsaqq.txt
/admin/webedit/bnqyadmin_login.asp
/admin888/ewebeditor/kqtaadmin_login.asp
/crvmqq.txt
/thwudigshell0.asp
/piorwww.zip
/aohjweb.rar
/qewcpass.txt
/cmseditor/hgxnadmin_login.asp
/ttyfmirserver.rar
/ziubtmdqq.asp
/dgdqweb.rar
/zzrbmirserver.rar
/data/jokplink.mdb
/kzzuhytop.mdb
/admin/eweb/hkvradmin_login.asp
/manage/webeditor/mfgwadmin_login.asp
/tvfamirserver.rar
/rmqtwwwroot.rar
/ewindoweditor/xknhadmin_login.asp
/pbuupacket.mdb
/azynupfile_flash.asp
/manage/edit/pynfadmin_login.asp
As can be seen from the above results, such attackers are very keen to get the source code of the 114 Web site Directory site, using a variety of regular guessing files for access. Here, we also casually remind readers not for the convenience of the figure and the above documents easily exposed, to know that you convenient at the same time for hackers to open the door of convenience. Therefore, we also listed here a more detailed, you can see if their own web site has such a loophole ... Fortunately, because of the 114 site Directory all the program code is developed by themselves, protection relatively good, did not leave any traces on the server. Of course, this kind of attack is obviously the lowest, here we just remind you not to routinely back up the site data on the server.
After our analysis, the Site Directory program in the website navigation site is indeed a very advanced program, all aspects for the user (browser) to maximize the use of optimization. So it is necessary to protect the program itself.
After a week of our test analysis of www.114mulu.com, we made the following recommendations for the 114 Site Directory site:
1. Because the station does not have its own independent server, the use of a network of independent IP server system. So in the system security can save a lot of effort, to focus on data security.
2. The website uses the static page as far as possible, very good eliminates the SQL injection. Even if injected into the current use and access to the basic will not cause much impact. or minimize the impact.
3. Data should be backed up regularly.
4. The website backstage must change the name more, or is in use the process to upload again, or is the upload use immediately after the replacement name.
5. Use our company specially provided the website security analysis system, carries on the analysis identification to the intruder. The system can collect the identity information of the attacker well, and it is valid for the common fake IP address.
6. Given the security of the site, we do not describe the article specifically.
7. Under conditions, it is best to put the data on their own server, rejecting the "springboard" attack.
Finally, we also hope that the 114 site Directory will have a good development!
For more information on network security technology please login: Http://www.3safe.net/jishu, hard to write for a long time, for their own station propaganda under it!