In the real operation process of direct seeding platform, what operation just pays close attention to most is platform discharge get, and the exploration that sheds quantitative change to show earnings pattern, often meet the problem of aspect of security of oneself of system of oversight direct seeding. The security problem here basically has two sides, program source safety defends and the safety of level of hardware carry dimension defends.
System of online direct seeding is common and safe problemSQL infuse: SQL infuse is the inquiry that through inserting SQL command WEB expresses sheet to refer or input domain name and page request
String, achieve beguiling server finally to execute baleful SQL order. This is to compare common database to inbreak method, the database of direct seeding system of information of user of many to bearing the weight of platform, once appear the problem of baleful SQL infuse, consequence is unimaginable.
Bagman attack: It is a kind of common network inbreaks method, if SMB conversation is hijacked, DNS deceit is more typical bagman attack pattern. Bagman attack basically is the network communication data with pass intercept normal, undertake distorting to data. Direct seeding platform is relying on a network completely in real operation process to correspond, because this also wants avoid problem of this one risk.
Step station attack: Use information of user of purloin of website flaw ill will. Type of the common attack that cross a station basically has abiding model cross station, blame abiding model cross station, DOM to cross a station to wait.
DDOS attack: Have the aid of at the client / server technology, rise many computers jointly regard attack as platform, launch DDOS attack to one or more target, thereby twice land enhances the power that rejects to serve attack.
Above 3 o'clock is commonner safe problem, also not only be aimed at system of online direct seeding. So to source of system of online direct seeding character, what preventive measure do we have? Commonner is MD5 is added add closely with data close.
MD5 adds close: Let high capacity information sign in the number software is signed private before close key by " compress " the format that keeps secret into a kind, and this kind adds close algorithm not to need when use any copyright charge, be used extensively consequently.
Data adds close: All of computer science department has a kind of method that protects effectively to information. Use password technology to undertake adding to information close, implementation information concealments, protect information security thereby.
Besides above two kinds general and applicable impose close preventive measure besides, be aimed at the characteristic of source of system of online direct seeding, also have relevant preventive measure from hardware and software level.
Hardware levelDefend act depends on a server defending basically the carry dimension ability with operation square oneself. Server supplier need is offerred for data of platform operation square server cut off the power equipment of calamity of ground of protection, different, time snapshot. Platform operation also just should have perfect system to carry dimension defends plan, besides the fundamental safety that can assure a server, establish entry test and verify to distribute authority, time backup, data even migratory wait for working mechanism.
Software levelBasically be depend on level of source of direct seeding system defend.
Interior digests: Handle relevant and safe issue through in-house agreement, for example visit of the net inside limitation, reduce the entrance that outer net atttacks;
Source consolidate: Undertake to sensitive data multiple add close, for instance the sensitive information such as user code is reached pay wait for main operation link, undertake multiple test and verify;
Token test and verify: There is many interface content in source of system of online direct seeding, token test and verify can have the limit of significant time and uniqueness to interface;
Clerical mechanism: To a few operations that more important Ju Min feels, for example the consumptive give sb a present in direct seeding platform, VIP fills a value to wait, besides outside consolidate undertakes on source level, still can establish corresponding clerical mechanism.
Square to operation of direct seeding platform and character, operation income is admittedly significant, but it is likewise important that the safety in source of direct seeding system and operation process defends, if incorrect at ordinary times these problems are added more advertent, the discharge outside can bringing what needless belongings loss reachs information data probably to oneself.