Security for web applications


Updated at 10:00 on 08/04/2011


In recent years, e-commerce services such as online payment, online transactions and e-banking have grown continuously. The more these services develop, the more enterprises must equip themselves with professional network infrastructure to meet the demands of continuous operation and system security.

Security requirements

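A secure network must always meet objectives such as:
+ Allowing or blocking services that reach out to the outside.
+ Allowing or blocking services that reach in from the outside.
+ Monitoring the network data flow between the Internet and the intranet (internal network).
+ Controlling and blocking access addresses.
+ Controlling users and the access those users make.
+ Controlling the content of information moving across the network.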


Given the requirements and objectives set by the enterprise, system integrators will advise on and build a complete network system:
+ External connectivity: routers for ADSL and leased-line links, together with load-balancing devices.
+ Secure connectivity: firewalls, IDS/IPS attack-prevention systems... and system monitoring software.
+ Server systems: servers running Windows or Linux, with anti-virus and anti-spam solutions...
+ Storage systems: data storage devices integrated into a SAN (Storage Area Network)...


Investing in a security system

Is a security system built to the standards that system integrators deliver really complete protection for the enterprise? Enterprises can refer to the assessments published by security vendors:

Several information-security problems stand out. First, attacks on and intrusions into enterprise web sites are becoming more continuous and more sophisticated (25.48% of attacks are of undetermined origin). Second, server systems equipped with every advanced security solution are still attacked directly, and those attacks cannot be stopped completely.
Statistics on current attack methods (Figure 1) show that traditional attack types such as SQL Injection, Cross-Site Scripting and Brute Force... are still causing damage to networks, even though warnings about them were issued long ago.

These attacks concentrate mainly on web applications developed for e-commerce services on a Web 2.0 application platform.
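Security for applications in general, and for web applications in particular, is still fairly new to Vietnamese enterprises.

An enterprise that needs to deploy an e-commerce application takes the following steps: it builds the application according to business needs, work that is handled by a programming team that designs and builds it; it then provisions the network infrastructure on which the application is deployed.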


Current security devices such as firewalls and IPS/IDS cannot closely monitor and assess applications built on the web platform (specifically, the HTTP/HTTPS protocols). Only dedicated devices that protect web applications against attack, Web Application Firewalls (WAF), meet this requirement.

A dedicated firewall of this kind performs the following tasks:
+ Enforces policies on users' HTTP connections by filtering the content sent to the web server.
+ Protects the system against common network attacks such as Cross-site Scripting (XSS) and SQL Injection.
+ Beyond the checks of an ordinary firewall, a WAF inspects more deeply, examining HTTP content at the application layer.
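
The contrast described above, between a firewall that decides on address and port and a WAF that inspects decoded HTTP content, shown as an added example that is not part of the original article. The sample requests, the addresses and the two regular-expression signatures are constructed for illustration and are far smaller than a real WAF rule set.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample requests: (source IP, destination port, method, URL, body)
SAMPLES = [
    ("203.0.113.10", 443, "GET", "/shop/item?id=42", ""),
    ("203.0.113.11", 443, "GET", "/shop/item?id=42%27%20OR%20%271%27%3D%271", ""),
    ("203.0.113.12", 443, "POST", "/comment", "text=%3Cscript%3Ealert(1)%3C%2Fscript%3E"),
    ("203.0.113.13", 23, "GET", "/", ""),
]

ALLOWED_PORTS = {80, 443}

def network_firewall(src_ip, dst_port):
    """Layer 3/4 decision: only the address and port are visible here."""
    return "allow" if dst_port in ALLOWED_PORTS else "block"

# Illustrative signatures only (assumption): one pattern per attack class.
RULES = {
    "sqli": re.compile(r"'\s*(or|and)\s+['\d]|union\s+select", re.I),
    "xss": re.compile(r"<\s*script|on\w+\s*=|javascript:", re.I),
}

def waf_inspect(url, body):
    """Layer 7 decision: URL-decode every parameter, then match the rules."""
    params = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    hits = sorted({name for _, value in params
                   for name, rx in RULES.items() if rx.search(value)})
    return ("block", hits) if hits else ("allow", [])

def evaluate(samples=SAMPLES):
    """Return (url, firewall verdict, WAF verdict, matched rules) per request."""
    results = []
    for src, port, method, url, body in samples:
        fw = network_firewall(src, port)
        waf = waf_inspect(url, body) if fw == "allow" else ("n/a", [])
        results.append((url, fw, waf[0], waf[1]))
    return results

if __name__ == "__main__":
    for row in evaluate():
        print(row)
```

The second and third requests pass the port-based check because they arrive on 443 like any legitimate request; only the content inspection separates them from the first.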


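Figure 1. Risk report on web attacks

The web application security solution is described as follows:
A web application security solution provides better support in these respects:
+ Limiting attacks on applications as far as possible by means of a dedicated web application protection device (Web Application Firewall).
+ Focusing development on building web applications that follow the Web 2.0 standard and meet the highest web security criteria (PCI DSS, OWASP).
+ In-depth, centralised monitoring and attack prevention.
+ Raising system performance and making full use of the security features of each device in the system.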
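Is application security needed?

Worldwide, web application security projects in e-commerce have all been under development for more than 2 years, and many solutions to this problem exist. Alongside them, a number of organisations regularly analyse, contribute and publish the latest security criteria. One of these is OWASP (Open Web Application Security Project), a non-profit organisation that informs the community about the risks that arise in web applications.

In Vietnam, enterprises still do not have an accurate understanding of the risks latent in web applications. We have not yet identified the risks and flaws on websites that lead to the danger of network attacks.

Enterprises moving toward e-commerce, or toward applications that run on the web platform, need to strengthen the security requirements for those applications. They should study security issues when building applications. For example: use NoSQL in place of traditional SQL, which is outdated and carries many risks. Use open-source tools such as Metasploit, SQLmap, Firecat... to test and assess vulnerabilities in the network.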
Build system risk-assessment forms (with reference to security standards such as OWASP, WASC...) in order to classify risks, so that specific actions are ready when an incident occurs. If resources allow, use a professional PenTest service (a survey of how secure the system is) to limit the risks when an attack comes from outside.
In addition, enterprises should organise short-term and long-term information-security courses to raise staff awareness of security. Actively study security processes and standards such as ISO 27000, 27001. Adjust applications with the support of programmers in order to review them, upgrade the system, and carry out a yearly system survey (audit) to assess the actual state of the application.

Information security requires individuals, organisations and enterprises to keep improving and developing continuously. Web applications bring users and enterprises many benefits, but they have also become an environment that hackers exploit for profit. Before deploying business applications, enterprises need to pay attention to web application security.


Source: PCWorld VN

Copyright 2003-2010 QuanTriMang.com. All rights reserved.

