网站问题的安全性 [英] Security of website question

问题描述

您好，我创建了一个小型网站，并安装了一些安全设备.测试尽可能多的破坏网站方法的最佳方法是什么?我在此站点上拥有安全的数据，无法以任何代价发现它-我知道这个任务实际上是不可能的，因为如果有人想始终可以闯入某人-但是测试它以查看是否有漏洞"的最佳方法是什么我想念吗?

谢谢

Dan

Hi, I have created a small website with some security devices in place. What is the best way to test as many ways to breach a website as possible? I have secure data on this site that cannot at any cost be discovered - I know this task is actually impossible as someone if they want to can always break in - but what is the best way to test it to see if there are any "holes" I have missed?

Thanks

Dan

推荐答案

请其他人帮您破解–您永远无法正确测试自己的代码(因为编写代码时不会想到的东西)，对于安全性材料也是如此.

如果您是任何黑客或前黑客的朋友(您的公司可能雇用了一些人作为IT安全人员)，请让他们之一再给它一次.

有自动工具可以测试网站是否存在常见漏洞(SQL注入，XSS注入，各种与URL和POST数据相关的缓冲区溢出等).我目前找不到指向您的网站的链接，但我知道有一个链接(希望有人可以提供该链接).

Ask someone else to hack it for you – you can never test your own code properly (because you won''t think of the same things you didn''t think of when writing it), and that''s just as true for security material.

If you are friends with any hackers or ex-hackers (your company may have some of those employed as IT security staff), ask one of them to give it a once over.

There are automated tools to test a website for common vulnerabilities (SQL injection, XSS injection, various URL and POST-data related buffer overruns and similar). I can''t currently find a link to the site that will do that for you but I know there is one (and hopefully someone can provide the link).

这篇关于网站问题的安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！