网页上的隐形杀手,威胁着你的网络安全
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">随着网络的进步,对我们来说,病毒和木马是主要的<SPAN lang=EN-US><a href="http://www.wafty666.com/anhui.html" target="_blank"><SPAN lang=EN-US><SPAN lang=EN-US>网络安全问题</SPAN></SPAN></A></SPAN>,但是网页中的隐形代码也开始严重地威胁着我们的<SPAN lang=EN-US><a href="http://www.wafty666.com/anhui.html" target="_blank"><SPAN lang=EN-US><SPAN lang=EN-US>网络安全</SPAN></SPAN></A></SPAN>,但大多数人却缺乏自我保护意识,对隐形代码的危害认识不够,甚至在自己不知情的情况下被别人窃取了重要资料。因为隐形代码具有比较大的隐蔽性,到目前为止,还没有什么病毒防火墙能很好地阻止隐形代码的攻击,大多数甚至根本就不能发现。为我们的<SPAN lang=EN-US><a href="http://www.wafty666.com/anhui.html" target="_blank"><SPAN lang=EN-US><SPAN lang=EN-US>网络安全</SPAN></SPAN></A></SPAN>,所以我们更应该高度警惕网页代码中的隐形杀手。<SPAN lang=EN-US></SPAN></SPAN></P><P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">网页上的“隐形杀手”一般有以下几类。<SPAN lang=EN-US></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN lang=EN-US style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">1 </SPAN><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">占用<SPAN lang=EN-US>cpu</SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">通过不断地消耗本机的系统资源,最终导致<SPAN lang=EN-US>cpu</SPAN>占用率高达<SPAN lang=EN-US>100%</SPAN>,使计算机不能再处理其他用户的进程。<SPAN lang=EN-US></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN lang=EN-US style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">2 </SPAN><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">非法读取本地文件<SPAN lang=EN-US><BR></SPAN> 这类代码典型的作法是在网页中通过对<SPAN lang=EN-US>activex</SPAN>、<SPAN lang=EN-US>javascript</SPAN>和<SPAN lang=EN-US>webbrowser control</SPAN>的调用来读本地文件。<SPAN lang=EN-US></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN lang=EN-US style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">3 web</SPAN><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">欺骗<SPAN lang=EN-US><BR></SPAN> 攻击者通过先攻入负责目标机域名解析的<SPAN lang=EN-US>dns</SPAN>服务器,然后把<SPAN lang=EN-US>dns-ip</SPAN>地址复位到一台他已经拿下超级用户权限的主机。<SPAN lang=EN-US></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN lang=EN-US style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">4 </SPAN><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-border-alt: none windowtext 0cm">控制用户机<SPAN lang=EN-US><BR></SPAN> 目前这类问题主要集中在<SPAN lang=EN-US>ie</SPAN>对<SPAN lang=EN-US>actives</SPAN>的使用上。<SPAN lang=EN-US></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 7.5pt; TEXT-INDENT: 24pt; LINE-HEIGHT: 18pt"><SPAN lang=EN-US style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体; mso-border-alt: none windowtext 0cm">5 </SPAN><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; FONT-SIZE: 12pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体; mso-border-alt: none windowtext 0cm">非法格式化本地硬盘<SPAN lang=EN-US><BR></SPAN> <SPAN lang=EN-US><SPAN style="mso-spacerun: yes"> </SPAN></SPAN>这类代码的危害较大。只要你浏览了它的网页,你的硬盘就会被格式化。<SPAN lang=EN-US></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 24pt; mso-char-indent-count: 2.0"><SPAN style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体">所以为了自己的<SPAN lang=EN-US style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; mso-border-alt: none windowtext 0cm"><a href="http://www.wafty666.com/anhui.html" target="_blank"><SPAN lang=EN-US><SPAN lang=EN-US>网络安全</SPAN></SPAN></A></SPAN><SPAN style="BORDER-RIGHT: windowtext 1pt; PADDING-RIGHT: 0cm; BORDER-TOP: windowtext 1pt; PADDING-LEFT: 0cm; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt; COLOR: black; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt; mso-border-alt: none windowtext 0cm">,上网时一定要多加注意,多加小心。</SPAN><SPAN lang=EN-US></SPAN></SPAN></P>
<DIV>(本文章纯属原创,如需转载请注明出处。<a href="http://www.wafty666.com" target="_blank">湖南网络安全服务专家</A>咨询热线:13007481580)</DIV>
页:
[1]