信息网络安全
信息網絡安全
신식망락안전
NETINFO SECURITY
2014年
9期
180-183
,共4页
漏洞%网络爬虫%SQL注入%XSS漏洞
漏洞%網絡爬蟲%SQL註入%XSS漏洞
루동%망락파충%SQL주입%XSS루동
vulnerability%Web spider%SQL injection%XSS vulnerability
随着互联网的飞速发展,网站安全问题日趋严峻,几乎每天都有大量网站被篡改,被植入木马、后门等恶意程序。网站安全扫描产品也如雨后春笋般出现,这种产品虽然不能像安全防护设备那样有效保护网站,但也能帮助管理员迅速了解网站存在的安全隐患。但是产品的好坏如何定义?文章根据网站安全扫描原理进行了详细阐述,并通过实际测试后的对比分析,提出了一些完善化的建议,希望提高网站安全扫描产品的扫描能力。
隨著互聯網的飛速髮展,網站安全問題日趨嚴峻,幾乎每天都有大量網站被篡改,被植入木馬、後門等噁意程序。網站安全掃描產品也如雨後春筍般齣現,這種產品雖然不能像安全防護設備那樣有效保護網站,但也能幫助管理員迅速瞭解網站存在的安全隱患。但是產品的好壞如何定義?文章根據網站安全掃描原理進行瞭詳細闡述,併通過實際測試後的對比分析,提齣瞭一些完善化的建議,希望提高網站安全掃描產品的掃描能力。
수착호련망적비속발전,망참안전문제일추엄준,궤호매천도유대량망참피찬개,피식입목마、후문등악의정서。망참안전소묘산품야여우후춘순반출현,저충산품수연불능상안전방호설비나양유효보호망참,단야능방조관리원신속료해망참존재적안전은환。단시산품적호배여하정의?문장근거망참안전소묘원리진행료상세천술,병통과실제측시후적대비분석,제출료일사완선화적건의,희망제고망참안전소묘산품적소묘능력。
With the rapid development of the internet, the problems of Web security are more and more serious, almost everyday lots of websites have been tampered, or injected with trojans horse, backdoors and other malicious programs. The scanning products of website security have sprung up, although these products cannot protect websites, they can help administrators understand vulnerabilities and security risks. But how to define the quality of these products? In this paper, website security scanning principles are explained in detail, after the comparative analysis, some suggestions on how to improve the capability of website security scanner are put forward.
