Integrity refers to ensuring that information is not tampered with by unauthorized users during storage, use and transmission, ensuring that information is consistent inside and outside, and preventing unauthorized users from tampering with inappropriate information. Confidentiality means that network information will not be leaked to unauthorized users, entities or processes.
Availability refers to the characteristics that information resources can be accessed by authorized entities on demand, used normally or recovered under abnormal conditions. Controllability refers to the ability to control the network system and information transmission. Information security is mainly the technical and management security protection of data processing system, in order to protect computer hardware, software and data from being destroyed, changed and leaked due to accidents and malicious reasons.
Information security network detection:
1, Web page hanging horse: detect whether the website is illegally implanted with Trojan horse programs by hackers or malicious attackers.
2. Buffer overflow: Check the website server and server software to see if there is a buffer overflow vulnerability. If there is, the attacker can gain administrative rights of the website or server through this vulnerability.
3. Upload vulnerabilities: Check whether there are upload vulnerabilities in the upload function of the website. If there is such a vulnerability, an attacker can directly upload a Trojan horse to obtain WebShell.
4. Source code leakage: Check whether there is a source code leakage vulnerability in the Web network. If there is such a loophole, the attacker can directly download the source code of the website.
5. Hidden directory leakage: detect whether there are leakage loopholes in some hidden directories of the website. If this vulnerability exists, the attacker can know the whole structure of the website.