Under Attack by Hackers

Part of the Catalina.out log from the period when memory usage kept growing until the service finally went down:


16:57:12,881 ERROR [http-bio-80-exec-162][PortletRequestProcessor:324] Remote address 180.97.106.37
16:57:12,890 ERROR [http-bio-80-exec-162][PortletRequestProcessor:326] Invalid path was requested /login/login%') LIMIT 1,1 UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#
16:57:13,322 WARN  [http-bio-80-exec-132][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 49
16:57:15,542 ERROR [http-bio-80-exec-130][status_jsp:753] javax.portlet.PortletModeException: -9964%' or row(9156,3991)>(select count(*),concat(0x3a7167613a,(select (case when (9156=9156) then 1 else 0 end)),0x3a756f6e3a,floor(rand(0)*2))x from (select 5923 union select 8842 union select 7286 union select 3066)a group by x)  and '%'='
16:57:15,722 ERROR [http-bio-80-exec-140][status_jsp:753] javax.portlet.PortletModeException: -6177
16:57:15,942 ERROR [http-bio-80-exec-149][status_jsp:753] javax.portlet.PortletModeException: -1974 or row(9156,3991)>(select count(*),concat(0x3a7167613a,(select (case when (9156=9156) then 1 else 0 end)),0x3a756f6e3a,floor(rand(0)*2))x from (select 5923 union select 8842 union select 7286 union select 3066)a group by x) -- fsxt
16:57:15,994 WARN  [http-bio-80-exec-160][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 1263%'ORROW(4430,4808)>(SELECTCOUNT(*),CONCAT(0x3a716f703a,(SELECT(CASEWHEN(4430=4430)THEN1ELSE0END)),0x3a6e74743a,FLOOR(RAND(0)*2))xFROM(SELECT2861UNIONSELECT6672UNIONSELECT2046UNIONSELECT9462)aGROUPBYx)AND'%'='
16:57:16,089 WARN  [http-bio-80-exec-139][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 49
16:57:16,271 ERROR [http-bio-80-exec-158][status_jsp:753] javax.portlet.PortletModeException: -6332
16:57:16,317 ERROR [http-bio-80-exec-155][PortletRequestProcessor:321] User ID null
16:57:16,318 ERROR [http-bio-80-exec-155][PortletRequestProcessor:322] Current URL /ca/web/-/1?p_p_id=58&p_p_lifecycle=0&p_p_state=maximized&p_p_mode=view&saveLastPath=false&_58_struts_action=%2Flogin%2Flogin%25%27%29%20LIMIT%201%2C1%20UNION%20ALL%20SELECT%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%23
16:57:16,319 ERROR [http-bio-80-exec-155][PortletRequestProcessor:323] Referer null
16:57:16,319 ERROR [http-bio-80-exec-155][PortletRequestProcessor:324] Remote address 180.97.106.162
16:57:16,320 ERROR [http-bio-80-exec-155][PortletRequestProcessor:326] Invalid path was requested /login/login%') LIMIT 1,1 UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#
16:57:16,398 WARN  [http-bio-80-exec-111][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 6636
16:57:16,434 WARN  [http-bio-80-exec-131][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 49
16:57:16,555 ERROR [http-bio-80-exec-148][PortletRequestProcessor:321] User ID null
16:57:16,572 ERROR [http-bio-80-exec-148][PortletRequestProcessor:322] Current URL /ca/web/-/1?p_p_id=58&p_p_lifecycle=0&p_p_state=maximized&p_p_mode=view&saveLastPath=false&_58_struts_action=%2Flogin%2Flogin%25%27%29%20LIMIT%201%2C1%20UNION%20ALL%20SELECT%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%23
16:57:16,572 ERROR [http-bio-80-exec-148][PortletRequestProcessor:323] Referer null
16:57:16,573 ERROR [http-bio-80-exec-148][PortletRequestProcessor:324] Remote address 180.97.106.162
16:57:16,583 ERROR [http-bio-80-exec-148][PortletRequestProcessor:326] Invalid path was requested /login/login%') LIMIT 1,1 UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#
16:57:16,642 ERROR [http-bio-80-exec-136][status_jsp:753] javax.portlet.PortletModeException: -4023) or 1 group by concat(0x3a7167613a,(select (case when (5081=5081) then 1 else 0 end)),0x3a756f6e3a,floor(rand(0)*2)) having min(0)#
16:57:16,855 WARN  [http-bio-80-exec-130][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 9125)OR1GROUPBYCONCAT(0x3a716f703a,(SELECT(CASEWHEN(1418=1418)THEN1ELSE0END)),0x3a6e74743a,FLOOR(RAND(0)*2))HAVINGMIN(0)#
16:57:17,187 WARN  [http-bio-80-exec-126][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 49
16:57:17,530 WARN  [http-bio-80-exec-139][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 49
16:57:18,105 WARN  [http-bio-80-exec-148][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 49
16:57:18,155 WARN  [http-bio-80-exec-161][SecurityPortletContainerWrapper:630] Reject process action for http://180.76.147.172/web/-/1 on 4502)OR1GROUPBYCONCAT(0x3a716f703a,(SELECT(CASEWHEN(1418=1418)THEN1ELSE0END)),0x3a6e74743a,FLOOR(RAND(0)*2))HAVINGMIN(0)#
16:57:18,303 ERROR [http-bio-80-exec-162][PortletRequestProcessor:321] User ID null
16:57:18,304 ERROR [http-bio-80-exec-162][PortletRequestProcessor:322] Current URL /ca/web/-/1?p_p_id=58&p_p_lifecycle=0&p_p_state=maximized&p_p_mode=view&saveLastPath=false&_58_struts_action=%2Flogin%2Flogin%25%27%29%20LIMIT%201%2C1%20UNION%20ALL%20SELECT%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%2C%20NULL%23
16:57:18,305 ERROR [http-bio-80-exec-162][PortletRequestProcessor:323] Referer null
16:57:18,305 ERROR [http-bio-80-exec-162][PortletRequestProcessor:324] Remote address 180.97.106.161
16:57:18,306 ERROR [http-bio-80-exec-162][PortletRequestProcessor:326] Invalid path was requested /login/login%') LIMIT 1,1 UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#
Java HotSpot(TM) 64-Bit Server VM warning: INFO: os::commit_memory(0x00000000f9cbe000, 104079360, 0) failed; error='Cannot allocate memory' (errno=12)
#
# There is insufficient memory for the Java Runtime Environment to continue.
# Native memory allocation (mmap) failed to map 104079360 bytes for committing reserved memory.
# An error report file with more information is saved as:
# //hs_err_pid1701.log
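
A triage sketch for a log in this layout, added here as an example (it is not part of the original post). It relies on two things visible in the excerpt: PortletRequestProcessor logs "Remote address" and "Invalid path was requested" on the same worker thread, and the status_jsp and SecurityPortletContainerWrapper lines carry no client address. The sample lines are constructed, with documentation-range addresses and shortened payloads; the function name and marker list are assumptions.

```python
import re
from collections import Counter

# time, level, [thread][Class:line], message -- the layout of the excerpt above
LINE = re.compile(r"^\S+\s+\w+\s+\[([^\]]+)\]\[[^\]]+\]\s+(.*)$")
# Markers seen in the logged payloads; \s* also catches the space-stripped variants
SQLI = re.compile(
    r"union\s*(?:all\s*)?select|floor\s*\(\s*rand\s*\(|group\s*by\s*concat|concat\s*\(\s*0x",
    re.IGNORECASE)

# Constructed sample, not copied from the real log
SAMPLE = """\
16:57:16,318 ERROR [http-bio-80-exec-155][PortletRequestProcessor:322] Current URL /ca/web/-/1?p_p_id=58
16:57:16,319 ERROR [http-bio-80-exec-155][PortletRequestProcessor:324] Remote address 192.0.2.10
16:57:16,319 ERROR [http-bio-80-exec-148][PortletRequestProcessor:324] Remote address 198.51.100.7
16:57:16,320 ERROR [http-bio-80-exec-155][PortletRequestProcessor:326] Invalid path was requested /login/login%') LIMIT 1,1 UNION ALL SELECT NULL, NULL#
16:57:16,583 ERROR [http-bio-80-exec-148][PortletRequestProcessor:326] Invalid path was requested /login/view
16:57:16,855 WARN  [http-bio-80-exec-130][SecurityPortletContainerWrapper:630] Reject process action for http://example.test/web/-/1 on 9125)OR1GROUPBYCONCAT(0x3a,FLOOR(RAND(0)*2))HAVINGMIN(0)#
16:57:18,305 ERROR [http-bio-80-exec-162][PortletRequestProcessor:324] Remote address 192.0.2.10
16:57:18,306 ERROR [http-bio-80-exec-162][PortletRequestProcessor:326] Invalid path was requested /login/login%') LIMIT 1,1 UNION ALL SELECT NULL, NULL, NULL#
"""

def triage(log_text):
    """Return (flagged requests per client address, flagged lines with no address)."""
    last_addr = {}        # worker thread -> address logged just before the path line
    per_addr = Counter()
    unattributed = 0
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue      # JVM warnings and other lines outside the log4j layout
        thread, msg = m.groups()
        if msg.startswith("Remote address "):
            last_addr[thread] = msg.split()[-1]
        elif SQLI.search(msg):
            if msg.startswith("Invalid path was requested") and thread in last_addr:
                # pop so a stale address is never reused for a later request
                per_addr[last_addr.pop(thread)] += 1
            else:
                unattributed += 1
    return per_addr, unattributed

if __name__ == "__main__":
    hits, loose = triage(SAMPLE)
    for addr, count in hits.most_common():
        print(f"{addr}\t{count} flagged requests")
    print(f"{loose} flagged lines without a client address")
```

Lines counted as unattributed have to be matched against the access log by timestamp, since the classes that write them log no source address.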


For more of my notes on memory growth bringing the service down, click here


Part of the site's access log:


221.223.194.189 - - [17/Jan/2017:13:36:41 +0000] "GET / HTTP/1.1" 200 5805
221.223.194.189 - - [17/Jan/2017:13:36:41 +0000] "GET /image/layout_set_logo?img_id=29201&t=1484660200797 HTTP/1.1" 200 3260
221.223.194.189 - - [17/Jan/2017:13:36:41 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:13:36:43 +0000] "GET /web/-/- HTTP/1.1" 200 4218
221.223.194.189 - - [17/Jan/2017:13:36:43 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:13:36:45 +0000] "GET /Temperature/Temperature%20Diagram_wait.html HTTP/1.1" 304 -
221.223.194.189 - - [17/Jan/2017:13:36:45 +0000] "GET /ServeletQ/TestSV HTTP/1.1" 200 5337
203.208.60.231 - - [17/Jan/2017:13:38:59 +0000] "GET /web/guest/-7?p_p_auth=LJR72FTn&p_p_id=49&p_p_lifecycle=1&p_p_state=normal&p_p_mode=view&_49_struts_action=%2Fmy_sites%2Fview&_49_groupId=20181&_49_privateLayout=false HTTP/1.1" 200 6492
66.249.73.196 - - [17/Jan/2017:22:46:49 +0000] "GET /html/portlet/login/css/main.css?browserId=other&themeId=QXDC_WAR_QXDCtheme&minifierType=css&languageId=hu_HU&b=6203&t=1481899774000 HTTP/1.1" 200 376
221.223.194.189 - - [17/Jan/2017:22:46:58 +0000] "GET / HTTP/1.1" 200 5805
221.223.194.189 - - [17/Jan/2017:22:46:58 +0000] "GET /image/layout_set_logo?img_id=29201&t=1484693211586 HTTP/1.1" 200 3260
221.223.194.189 - - [17/Jan/2017:22:46:59 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:22:47:01 +0000] "GET /web/-/-1 HTTP/1.1" 200 4883
221.223.194.189 - - [17/Jan/2017:22:47:01 +0000] "GET /Temperature/Temperature%20Diagram_wait_no_button.html? HTTP/1.1" 304 -
221.223.194.189 - - [17/Jan/2017:22:47:01 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:22:47:02 +0000] "GET /ServeletQ/TestSV HTTP/1.1" 200 5337
221.223.194.189 - - [17/Jan/2017:22:48:38 +0000] "GET / HTTP/1.1" 200 5805
221.223.194.189 - - [17/Jan/2017:22:48:39 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:22:48:41 +0000] "GET /web/-/-2 HTTP/1.1" 200 5264
221.223.194.189 - - [17/Jan/2017:22:48:41 +0000] "GET /ServeletQ/TestSV HTTP/1.1" 200 5337
221.223.194.189 - - [17/Jan/2017:22:48:41 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:22:48:44 +0000] "GET /web/-/-1 HTTP/1.1" 200 4881
221.223.194.189 - - [17/Jan/2017:22:48:44 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:22:48:44 +0000] "GET /ServeletQ/TestSV HTTP/1.1" 200 5337
221.223.194.189 - - [17/Jan/2017:22:48:46 +0000] "GET /web/-/- HTTP/1.1" 200 4218
221.223.194.189 - - [17/Jan/2017:22:48:47 +0000] "GET /html/js/liferay/available_languages.jsp?browserId=other&themeId=QXDC_WAR_QXDCtheme&colorSchemeId=01&minifierType=js&languageId=zh_CN&b=6203&t=1429173626000 HTTP/1.1" 200 473
221.223.194.189 - - [17/Jan/2017:22:48:48 +0000] "GET /Temperature/Temperature%20Diagram_wait.html HTTP/1.1" 304 -
221.223.194.189 - - [17/Jan/2017:22:48:48 +0000] "GET /favicon.ico HTTP/1.1" 200 1150
221.223.194.189 - - [17/Jan/2017:22:48:48 +0000] "GET /ServeletQ/TestSV HTTP/1.1" 200 5337
221.223.194.189 - - [17/Jan/2017:22:50:45 +0000] "GET /Temperature/Temperature%20Diagram_wait.html HTTP/1.1" 304 -
221.223.194.189 - - [17/Jan/2017:22:50:46 +0000] "GET /ServeletQ/TestSV HTTP/1.1" 200 5337


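Analysis of the related IP addresses:


125.35.57.13 Company IP address, including connections over Wi-Fi

61.148.242.8 China Unicom 3G connection

221.223.194.189 Home China Unicom broadband IP address

111.197.147.101 Home China Unicom broadband IP address


180.153.236.35 An IP address in Shanghai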


Configure Tomcat to deny access from certain IP addresses:




The result:






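In the /var/lib/pgsql/data directory, pg_hba.conf, pg_ident.conf and postgresql.conf had been modified on Jul 14, 2016.


Before changing pg_hba.conf, make a dated copy of it as a backup. After the change, simply restart the DB service (service postgresql restart).


Affected dates:



After the change, DB access allows connections only from the IP addresses of my own few servers (see my notes for details):


The resulting effect:







Part of the comments in pg_hba.conf, copied below: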

# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the
# PostgreSQL documentation for a complete description
# of this file.  A short synopsis follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access.  Records take one of these forms:
#
# local      DATABASE  USER  METHOD  [OPTIONS]
# host       DATABASE  USER  CIDR-ADDRESS  METHOD  [OPTIONS]
# hostssl    DATABASE  USER  CIDR-ADDRESS  METHOD  [OPTIONS]
# hostnossl  DATABASE  USER  CIDR-ADDRESS  METHOD  [OPTIONS]
#
# (The uppercase items must be replaced by actual values.)
#
# The first field is the connection type: "local" is a Unix-domain socket,
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
#
# DATABASE can be "all", "sameuser", "samerole", a database name, or
# a comma-separated list thereof.
#
# USER can be "all", a user name, a group name prefixed with "+", or
# a comma-separated list thereof.  In both the DATABASE and USER fields
# you can also write a file name prefixed with "@" to include names from
# a separate file.
#
# CIDR-ADDRESS specifies the set of hosts the record matches.
# It is made up of an IP address and a CIDR mask that is an integer
# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies
# the number of significant bits in the mask.  Alternatively, you can write
# an IP address and netmask in separate columns to specify the set of hosts.
#
# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", "krb5",
# "ident", "pam", "ldap" or "cert".  Note that "password" sends passwords
# in clear text; "md5" is preferred since it sends encrypted passwords.
#
# OPTIONS are a set of options for the authentication in the format
# NAME=VALUE. The available options depend on the different authentication
# methods - refer to the "Client Authentication" section in the documentation
# for a list of which options are available for which authentication methods.
#
# Database and user names containing spaces, commas, quotes and other special
# characters must be quoted. Quoting one of the keywords "all", "sameuser" or
# "samerole" makes the name lose its special character, and just match a
# database or username with that name.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal.  If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect.  You can use
# "pg_ctl reload" to do that.

# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
# "host" records. In that case you will also need to make PostgreSQL listen
# on a non-local interface via the listen_addresses configuration parameter,
# or via the -i or -h command line switches.
#

# CAUTION: Configuring the system for local "trust" authentication allows
# any local user to connect as any PostgreSQL user, including the database
# superuser. If you do not trust all your local users, use another
# authentication method.


# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

# "local" is for Unix domain socket connections only


20170711: a record of the steps taken (as root):


cd /var/lib/pgsql/data/pg_log
ls
tail -200 /var/lib/pgsql/data/pg_log/postgresql-Mon.log
cp /var/lib/pgsql/data/pg_hba.conf /var/lib/pgsql/data/pg_hba.conf-yyyymmdd_before_change
vi /var/lib/pgsql/data/pg_hba.conf
service postgresql restart
exit
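
A check that can be run on the edited pg_hba.conf before the restart, added here as an example (it is not part of the original post). It parses the record forms listed in the file's own synopsis and reports any host record that is not covered by an allow-list of server addresses or that uses the "trust" or "password" method. The allow-list, the database and user names and the sample records are constructed placeholders; quoted names and "@" include files are not handled.

```python
import ipaddress

# Hypothetical allow-list: loopback plus two application servers (documentation range)
ALLOWED = [ipaddress.ip_network(n)
           for n in ("127.0.0.1/32", "192.0.2.10/32", "192.0.2.11/32")]
WEAK = {"trust", "password"}   # no authentication / clear-text password

# Constructed sample records, not the author's real configuration
SAMPLE_HBA = """\
# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD
local   all         all                               ident
host    all         all         127.0.0.1/32          md5
host    appdb       appuser     192.0.2.10/32         md5
host    all         all         0.0.0.0/0             md5
host    all         all         192.0.2.11 255.255.255.255 password
"""

def audit(text, allowed=ALLOWED):
    """Return [(line number, issue)] for records that need a second look."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split columns
        if not fields:
            continue
        kind, net = fields[0], None
        if kind == "local":
            method = fields[3]
        elif kind in ("host", "hostssl", "hostnossl"):
            if "/" in fields[3]:                # CIDR form
                net, method = ipaddress.ip_network(fields[3], strict=False), fields[4]
            else:                               # address and netmask in two columns
                net = ipaddress.ip_network(f"{fields[3]}/{fields[4]}", strict=False)
                method = fields[5]
        else:
            findings.append((n, f"unknown record type {kind}"))
            continue
        covered = net is None or any(
            net.version == a.version and net.subnet_of(a) for a in allowed)
        if not covered and method != "reject":
            findings.append((n, f"{net} is not covered by the allow-list"))
        if method in WEAK:
            findings.append((n, f"method {method}"))
    return findings

if __name__ == "__main__":
    for lineno, issue in audit(SAMPLE_HBA):
        print(f"line {lineno}: {issue}")
```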






