Chinese hackers Blog

Firewall alone can not protect online assets. Now, hackers and their attack is very smart strategy, more and more dangerous. At present a major threat is that application-level attacks, such attacks can sneak into the firewall until sneaked into Web applications. Yes, there are many such attacks like to valuable customer data as the targets.

Why, then, ordinary firewall Zuzhibule such attacks?  Because such attacks disguised as normal traffic, not particularly large data packets, address, and no suspicious contents do not match, so it will not trigger alarms. Most people fear is an example of SQL commands embedded attacks (SQL injection). In such attacks, hackers use one of your own HTML form, unauthorized query the database. Another threat is that the Executive Order. As long as Web applications to send commands to the shell program, the crafty hackers on the server can be arbitrary enforcement of the order.

Some other attacks is relatively simple. For example, HTML Notes inside often contain sensitive information, including imprudent programmers left login. Thus, for application-level attacks, tampering with cookies from the changes to HTML form, the hidden field, depends entirely on the imagination of hackers. But the good news is that most of these attacks is completely blocked.