Web server death diary (must kill)

xiaoxiao2021-03-06  37

Server death (must kill)

The measures above are the commonly used ones. Even so, we are bound to die; there is no way around it, because we are on the network.

The sniffer technique.

We can protect our server by making it inaccessible to others, but we cannot restrict our own normal access. And during normal access, we are in an extremely unsafe environment.

With the settings above, we are relatively safe. But we usually reach the server over the network we use every day, and that network is often connected through a hub. If someone gets into our network and sniffs our LAN, our accounts, our passwords, everything is in plain view of someone else: to take the server, first take the LAN. Once you are inside the LAN, you are very likely to hold everything. This can be called the stealing method.

Even if your password is encrypted because the login uses HTTPS, is all of your communication over HTTPS? Usually only the login page requires HTTPS, and then, for the sake of efficiency, every other operation goes over HTTP. So if you really need good security, use HTTPS for all of it.

The server identifies a session by its cookie. As long as we get the user's cookie, we can carry on his story under his identity, even if the IP address is different. So you are still dead.

Killer move: when the lips die

You may be able to protect your own server, but can you protect the other servers on the same network segment? Suppose we know that the sniffer is ineffective; even so, IP packets are delivered according to the ARP protocol. If a machine under someone's control, JJ, sends you a packet saying that it is the router, all the packets sent by the server go to JJ. If JJ in turn tells the router that it is you, the router will hand the packets meant for you to JJ, and you have been sniffed. So check your ARP replies: someone is deceiving you.

Having read all this, do you still think you are safe?
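One way to "check your ARP replies", as an added example that is not part of the original post: the function below reads a log of ARP replies and flags an IP whose MAC changes, a MAC that answers for several IPs, and any reply that contradicts a pinned router binding. The log lines are constructed and only modeled on what a capture tool prints; the addresses and the `check_arp_replies` name are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log of ARP replies (not a real capture).
SAMPLE_REPLIES = """\
12:00:01 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28
12:00:02 ARP, Reply 192.168.1.10 is-at 00:aa:bb:cc:dd:10, length 28
12:00:05 ARP, Reply 192.168.1.66 is-at 00:de:ad:be:ef:66, length 28
12:00:09 ARP, Reply 192.168.1.1 is-at 00:de:ad:be:ef:66, length 28
12:00:09 ARP, Reply 192.168.1.10 is-at 00:de:ad:be:ef:66, length 28
12:00:12 ARP, Reply 192.168.1.1 is-at 00:de:ad:be:ef:66, length 28
"""

REPLY_RE = re.compile(
    r"^(\S+) ARP, Reply (\d+\.\d+\.\d+\.\d+) is-at ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE,
)

def check_arp_replies(text, pinned=None):
    """Return (time, kind, detail) alerts for suspicious ARP replies.

    pinned: optional {ip: mac} of known-good bindings, e.g. the router.
    """
    pinned = {ip: mac.lower() for ip, mac in (pinned or {}).items()}
    seen = {}                   # ip -> MAC from the most recent reply
    claims = defaultdict(set)   # mac -> every IP it has answered for
    alerts = []
    for line in text.splitlines():
        m = REPLY_RE.match(line.strip())
        if not m:
            continue            # not an ARP reply line
        ts, ip, mac = m.group(1), m.group(2), m.group(3).lower()
        if ip in pinned and mac != pinned[ip]:
            # Someone other than the known router answers for its IP.
            alerts.append((ts, "pinned-mismatch", f"{ip} claimed by {mac}"))
        elif ip in seen and seen[ip] != mac:
            alerts.append((ts, "binding-changed", f"{ip}: {seen[ip]} -> {mac}"))
        seen[ip] = mac
        if ip not in claims[mac]:
            claims[mac].add(ip)
            if len(claims[mac]) > 1:
                # One MAC posing as both the router and a server fits the JJ case.
                alerts.append((ts, "multi-ip", f"{mac} answers for {sorted(claims[mac])}"))
    return alerts

if __name__ == "__main__":
    for alert in check_arp_replies(SAMPLE_REPLIES, {"192.168.1.1": "00:11:22:33:44:55"}):
        print(*alert)
```

A changed binding can also be legitimate (a replaced network card, a reassigned address), so treat these alerts as leads to verify; pinning the router's MAC as a static ARP entry removes the ambiguity for that one address.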

When reposting, please cite the original address: https://www.9cbs.com/read-65225.html
