An attacker can connect users to a malicious server of the attacker's choice.
攻击者可以将用户连接到攻击者选择的恶意服务器上。
For every server, there must be a client — and that client can be susceptible to attacks by a malicious server.
对每个服务器,必须有一个客户端——客户端容易被恶意服务器进行攻击。
Port probing by hackers is usually an attempt to execute malicious code on a server or to take control of the server by looking for vulnerable ports.
黑客进行的端口探测通常是尝试在服务器上执行恶意代码或者通过寻找易攻击的端口来控制服务器。
With the way that this server is configured, a malicious client could connect to the server and send one extremely large string, effectively bringing the entire server to its knees.
按照这台服务器配置的方式,一台恶意的客户机可以连接到这台服务器上,并且可以发送一个非常大的字符串,结果将使整个服务器瘫痪。
If any match, the request is rejected, and the malicious input does not arrive at the server.
如果匹配成功,就拒绝该请求,恶意的输入不会到达服务器。
Because the secure connection must "tunnel" through the proxy server to the intended destination, malicious proxy servers can very easily eavesdrop on any conversation.
因为安全连接必须由代理服务器提供一个隧道才能到达目的地,因此恶意的代理服务器就可以很容易地窃取任何会话。
The authors also consider server retaliation, whereby a server that detects a malicious client could send the client any sort of response, including malicious content.
作者也考虑到服务器的反馈,由此检测到一个恶意客户端的服务器可以发送给客户端任意种类的响应信息,包括恶意的内容。
This puts your build server at some risk from bugs and malicious code committed to source trees.
这就把构建服务器置于提交给源树的 bug和恶意代码的风险之下。
If the legitimate server sends a page back to the user including the value of clientprofile, the malicious code will be executed on the client Web browser as shown in Figure 1.
如果合法服务器将一个包含clientprofile值的页面发回给用户,则在客户机Web浏览器上就会执行恶意代码,如图1所示。
In the sample application, the user can post comments to the server. To demonstrate the threat of malicious script, enter the text from Listing 2 in the enter comments area.
在示例应用程序中,用户可以向服务器发表评论。
As you've seen in the XSS examples, most of the attacks exploit server-side vulnerabilities by injecting malicious scripts.
正如我们在XSS示例中所看到的,大多数的攻击都利用了服务器端的弱点,注入恶意脚本。
This would be a big mistake; it would allow malicious users to inject code that would be executed on your server.
这样会使恶意用户乘机注入将在服务器上执行的代码。
This helps secure backed-up data during transmission, and it means that the data stored on the Tivoli Storage Manager server is encrypted and thus is unreadable by any malicious administrators.
这有助于在传输过程中保护备份数据,它意味着存储在TivoliStorageManager服务器上的数据已加密,因而不能被恶意管理员所读取。
Security experts are warning that some proxy server website can carry viruses and malicious software, and pupils who log on put themselves at risk of cyber crime.
一些安全专家警告称,某些代理服务器网站可能带有病毒和恶意程序,登陆这些网站的学生会把自己置于网络犯罪的危险境地。
The problem is that if the DNS server cache is "polluted" with bogus DNS entries, users can subsequently be forwarded to malicious Web sites instead of the sites they intended to visit.
问题是如果DNS服务器缓存被假DNS入口“污染”,用户随后能被转发到替代恶意站点,而不是他们查访问的站点。
The objective is to fool the database system into running malicious code that will reveal sensitive information or otherwise compromise the server.
它的目的就是为了使数据库运行恶意代码,从而泄漏敏感消息或者使服务器崩溃。
Otherwise, a malicious eavesdropper on any router between your server and the end user can very easily sniff the sensitive information out of the network packets.
否则,恶意的监听者就可以在你的应用程序与最终用户之间的任何路由器上通过数据包探嗅到那些敏感的信息。
In all cases, you should take precautions against importing malicious code or code that has unintentional but undesirable impact on your IDE and the server hosting the components.
无论在何种情况下,都应采取防范措施以防止导入恶意代码或对ide和承载组件的服务器产生意外但有负面影响的代码。
Alternatively, malicious users might try to simply crash your server.
也有可能是,恶意使用者尝试损毁您的伺服器。
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.
无诱饵钓鱼欺骗是一种诡秘的做法,其中恶意代码装入个人计算机或服务器,在不知不觉中或者未经用户同意将用户错误地引向骗人的网站。
It is possible for a malicious user to use the postback script to send arbitrary post events to server controls.
恶意用户有可能使用回发脚本向服务器控件发送任意发送事件。
If the string is not validated and malicious text or characters not escaped, an attacker can potentially access sensitive data or other resources on the server.
如果字串未经验证且未逸出恶意的文字或字元,攻击者就可能得以存取伺服器上的机密资料或其他资源。
Directory traversal is another injection-style attack, wherein a malicious user tricks filesystem code into reading and/or writing files that the Web server shouldn't have access to.
目录遍历是另一种注入类型的攻击,攻击者欺骗文件系统读或写服务器不允许操作的文件。
Pharming Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.
无诱饵钓鱼欺骗 无诱饵钓鱼欺骗是一种诡秘的做法,其中恶意代码装入个人计算机或服务器 ,在不知不觉中或者未经用户同意将用户错误地引向骗人的网站。
A malicious user could record communication between the client and the server and then use that information to replay the transaction.
恶意用户可以记录客户端和服务器之间的通信,然后使用该信息重播事务。
By keeping the code server side, you reduce the risk of any malicious activity through cross-site scripting, SQL injection, and so on.
通过将代码放在服务器端,减少了通过跨站点脚本、SQL注入等手段进行恶意活动的风险。
For example, a malicious user could construct a build definition to run arbitrary code to take control of the server and steal data.
例如,恶意用户可能会构建用于运行任意代码的生成定义,从而控制服务器并窃取数据。
For example, a malicious user could construct a build definition to run arbitrary code to take control of the server and steal data.
例如,恶意用户可能会构建用于运行任意代码的生成定义,从而控制服务器并窃取数据。
应用推荐