Through the earthquake website was black focus on the site security capabilities

The intermediary transaction SEO diagnoses Taobao guest stationmaster buys the Cloud host technology Hall

Since the "5.12" earthquake, there have been too many things happening in the land of China. "Prosperous", let us see the hope of Sichuan, China's hope. But in this time of national mourning, there have been some things that have been spurned. Let's take a look at the relevant media reports: May 28, 29th night, Shaanxi province earthquake Information Network was a series of malicious attacks, the suspect modified the relevant information, and the homepage of the site spread "23:30 Shaanxi will have a strong earthquake occurred" and other rumors, resulting in some people's psychological panic; and on May 31, June 1 , 2nd, the official website of Guangxi Seismological Bureau was also continuously attacked by hackers. Hackers tamper with Web site data, release the recent earthquake in the false information, and so on, these seismic information authoritative publishing site was hacked, in the community has caused great adverse impact.

"Website Hacker", "Olympic hackers, seems to have recently become a hot topic of internet security, from Google to search for" Olympic hackers "the word, has reached more than 646,000 items, can be seen by the high degree of attention, and ordinary Web site has been frequently spread by hackers attack the news, According to the data show: This January-May, the country has more than 30,000 sites were "hackers" intrusion! Due to the lack of professional protection capabilities, small and medium-sized government websites, corporate websites have become the biggest victims of "hacker" intrusion.

Small and medium Web site security issues

Expert ideas: Build a secure server environment to prevent the first lock

According to a Shaanxi Seismological bureau responsible for website maintenance technicians told reporters that the Shaanxi earthquake network was attacked by hackers, the home page shows the "site major security vulnerabilities" of the information is a hacker published false information, and the current Web site is safe to run, there is no technical loopholes. We condemn "earthquake hackers" at the same time, also thinking about another problem, how to protect our website safe operation? On this issue, the reporter visited the domestic and small web site security experts.

According to the introduction: to build a secure server environment, building a hacker attack the first chain. But building a secure server environment to withstand "hacker" attacks is quite extensive, but in terms of small and medium web sites, it can be roughly three:

(a) Technical aspects: the use of hardware and software firewalls, anti-virus software, page tamper-proof system to establish a better structure of the Web server environment;

(ii) Services: Network topology analysis, the establishment of central computer room management system, the establishment of operating systems and anti-virus software to upgrade the mechanism of regular updates to the key server access log backup, through these services to enhance the network's anti-jamming;

(iii) Support: Require service providers to provide troubleshooting services to improve the reliability of the network.

But at present, most of the small and medium-sized sites are hosted in the form of a virtual host, to improve the security of the site, reduce the risk of hacker attacks, webmasters should be timely to their own web site procedures to play the latest patches, in the development of the time should strengthen security awareness, pay attention to prevent injection loopholes, At the same time, the site hosted in the technical strength, high safety factor, can take the initiative to help customers solve the security of the service provider, to ensure the safety of the site safe operation Environment.

Expert weapon Two: Pay attention to website system security, supervised second lock

Building a secure server environment, just from the periphery of the attack "hacker", but more importantly to protect the Web site system security, to prevent hackers exploit system vulnerabilities to attack, thereby threatening the site security.

According to the company's network security experts introduced: according to the 2007 OWASP organization published the WEB Application vulnerability 10 rankings of the results show that cross-site scripting, injection vulnerabilities, cross-station request forgery, information disclosure and other aspects of the problem is still the current hacker popular attack mode, Especially in SQL injection attacks and Cross-site scripting attacks, the so-called SQL injection attack is the use of programmers in the code when the user input data does not judge the legality, resulting in the intruder can insert and execute malicious SQL commands, access to data read and modify the permissions; Cross-station scripting attacks are done by adding malicious code to the Web page, and when a visitor browses to a Web page, the malicious code is executed or the administrator is given the ability to browse through the message, thereby gaining administrator privileges and controlling the entire site.

So, there is no effective security means for such hacking attacks? It is reported that in the development of sitefactory™ content management system, the corresponding complete defense scheme is developed for various attack modes, and with the help of ASP.net features and functions, Can effectively resist malicious users of the site attacks, improve the security of the site, but for the current SQL injection attacks and Cross-site scripting attacks, its more effective means of blocking? To this end, we have to the easy network security experts to understand, he introduced us to some security measures:

(i) for SQL injection attacks: The dynamic system uses the query parameters of SQL query to filter, using type-safe SQL Parameterized Query method, fundamentally solve the problem of SQL injection; URL parameter type, quantity, scope limit function, solve malicious user through the address bar malicious attacks, such as the control of SQL injection, but also include some other filtering processing, and other user input data validation to prevent SQL injection attacks.

(ii): for cross-site scripting attacks: In the context of HTML-less content directly to implement the method of coding, to fundamentally solve the problem of cross-station. And for HTML-enabled content, we have a special filtering function that will handle the data securely (based on the attack instances of the XSS attack library), although this method is currently secure, but does not necessarily mean that it will be safe in the future, because the means of attack are constantly being refurbished and our filtering function libraries are constantly being updated.

In addition to the external station access and direct access we have also made judgments, to a certain extent can also avoid cross-station attacks. Even if there is a cross station attack, we will reduce the impact of the attack to the minimum: first, for some of the background will display HTML content, through the frame of the security properties security= "restricted" to prevent the operation of the script (ie effective); Use the HttpOnly property of cookies to prevent cookies from being compromised by scripting (IE6 SP1 above, Firefox 3); The authentication ticket is encrypted; four, it is recommended to use a higher version of IE or FF.

User three: Call webmaster and the Government concerned about the safety of the site, mobilize the third lock

April 29, 2008, the State Council issued the "Council on the implementation of the People's Republic of China Government Information disclosure regulations," the views of several issues (Kwok (2008)36), the text fully embodies the determination of public affairs, The government-open group wants information channels that are traditional paper media and governmental websites, but according to CNCERT/CC, the total number of doctored sites in China has accumulated 61,228, up 1.5 times times from last year. The number of government websites in mainland China has been tampered with up to 3,407. In 2007, the Chinese government website was tampered with a total of 4,234 months.

A series of figures and facts have proved that we have a serious hidden dangers in the site security, and the webmaster and the government in security plays an important role, on the one hand, we call webmasters to pay attention to site security, building site security basic protection capabilities, reduce the risk of being "hacker" attack, On the other hand, we call on the government to pay attention to the crime of cyber hacking, strengthen the legislation of Internet crime, and safeguard the safety of the website from the system.