有时会被垃圾表单提交机器狂发垃圾,甚至造成邮件拥堵。今天注意到其表单提交里有一项填写的是 Acunetix ,本以为是下什么组织还是什么,随手google了一下,原来是一个安全工具,其官方网站,http://www.acunetix.com/ 上有如下的说明,先mark一下,研究研究
Website security is possibly today’s most overlooked aspect of securing the enterprise and should be a priority in any organization. Hackers are concentrating their efforts on web-based applications – shopping carts, forms, login pages, dynamic content, etc. Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to back-end data such as customer databases.
Firewalls, SSL and Locked-Down Servers are Futile Against Web Application Hacking
Any defence at network security level will provide no protection against web application attacks since they are launched on port 80 – which has to remain open. In addition, web applications are often tailor-made therefore tested less than off-the-shelf software and are more likely to have undiscovered vulnerabilities. Acunetix Web Vulnerability Scanner automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
0 条评论。