As mentioned above, a replay attack by some malicious third party is the most convenient attack.
正如上文所提到的,来自某个恶意第三方的再现攻击是最容易遭受到的攻击。
Replay attack — Re-sending a previously valid message for malicious effect, possibly where only parts of the message (such as the security token) are replayed.
应答攻击——为实现恶意的效果,重新发送一个以前曾经有效的消息,其中可能只是重放部分消息(如安全令牌)。
Using a Padding Oracle (PO) attack a malicious user can access encrypted data such as cookies, state, membership password, etc.
恶意用户能够使用PaddingOracle (PO)攻击方式来解密cookie,加密状态及认证密码等关键信息。
Knowing that the cause is a malicious attack does take Twitter off the hook to some degree –it may have been assumed that the site was simply failing to scale properly, as had happened in the past.
当人们得知twitter宕机的原因是缘于恶意袭击,Twitter才得以从困境中缓过气来 -人们原本推测Twitter宕机的原因是twitter不能承受如此规模的服务器负担,而这种情况在以前就发生过的。
Even if you update packages as quickly as you can, there will be lag between the version release and your deployment, potentially enough time for a malicious person to carry out an attack.
即使能够尽可能快地更新软件包,新版本的发行与你的更新之间会有一些拖延的时间,潜在方面,这些时间,能够足够让一个怀有恶意的人来执行一次袭击。
Even if you update packages as quickly as you can, there will be lag between the version release and your deployment, potentially enough time for a malicious person to carry out an attack.
即使能够尽可能快地更新软件包,新版本的发行与你的更新之间会有一些拖延的时间,潜在方面,这些时间,能够足够让一个怀有恶意的人来执行一次袭击。
应用推荐