However this mode should not be used in live deployment as it could give an attacker a lot of information about the services that you export.
但是在该模式下你导出的服务的许多信息都暴露给了攻击者,真正部署的时候应该避免使用这种模式。
Once so compromised, a computer can surreptitiously download other code that can log a victim's key strokes, giving an attacker a path to potentially wide network access.
一旦入侵成功,电脑能够暗中下载其它代码,这些代码会记录入侵电脑的键击数据,这将给攻击者一条潜在宽广网络进入权。
The attacker knocked on their door and made a lunge for Wendy when she answered.
袭击者敲了他们的门,并在温迪开门时,向她猛冲过去。
The attacker threatened them with a gun.
袭击者用枪威胁他们。
If your program is a viewer or editor of data—such as a word processor or an image displayer—that data might be from an attacker, so it's an untrusted input.
如果您的程序是数据的浏览器或者编辑器——比如文字处理器或者图像显示器——那么那些数据有可能来自攻击者,所以那是不可信的输入。
Luckily, Zhang had just learned how to escape from an attacker, a person who plans to hurt someone.
幸运的是,张刚学会了如何从计划伤害他人的袭击者手中逃脱。
A creative attacker can take advantage of a buffer overflow vulnerability through stack-smashing and then run arbitrary code (anything at all).
有创造力的攻击者会透过摧毁堆叠利用缓冲区溢位的弱点,然后执行任何程序码。
The attacker then calls a customer service representative at the site, posing as the shopper and providing personal information.
攻击者接下来在网站上调用客户服务,作为购物者登录并且提供个人信息。
The sophisticated attacker finds a weakness in a similar type of software, and tries to use that to exploit the system.
富有经验的攻击者可以发现同类软件的缺点,并且尝试利用这些弱点来进入系统。
A common scenario is that the attacker calls the shopper, pretending to be a representative from a site visited, and extracts information.
一个常见的场景是攻击者打电话给购物者,假装是购物者所访问站点的代表,并且提取信息。
The attacker then sends a packet full of SACK options designed to force the other host to scan that entire queue to process each option.
然后攻击者发送一个充满SACK选项的包,目的是使另一方主机扫描整个队列以处理每个选项。
But missile attacks on ships are rare, so it is difficult to know just how safe a ship really is-especially if an attacker launches a dozen or so missiles at once.
但舰船受到导弹攻击的案例非常少,因此很难判断一条战舰躲过导弹攻击的劫数有多大,特别是在攻击者一次发射十多枚导弹的情况下。
To accomplish this, the attacker sends a TCP packet with the SYN flag set to the target host, just like when opening a regular TCP connection.
要实现这一点,攻击者向目标主机发送设置了SYN标志的tcp包,就象打开常规tCP连接时一样。
Determining the identity of the attacker was a matter of narrowing down the line of potential suspects.
确定攻击者的身份需要逐渐缩小一连串嫌疑人的范围。
Women were cooking dinner, men were praying and children were playing nearby when the attacker struck, a witness said.
妇女烹饪晚餐,男子祈祷和孩子们玩附近时,攻击者击中,一位目击者说。
Because the percent sign (%) itself can be URL encoded, an attacker can submit a carefully crafted request to a server that is basically double-encoded.
由于百分号(%)本身可以是URL编码的,所以攻击者可以向服务器提交一个精心制作的、基本上是双重编码的请求。
To log into the Web site, the attacker first enters a test user ID (" test ") and password (" test ").
要想登录这个站点,攻击者首先要输入一个测试用户ID (“test ”)和密码(“ test ”)。
Essentially, if you allow an attacker to run code on such a machine through any means, the attacker can completely take over the machine.
从本质上说,如果您允许攻击者在这样的机器上以任何方式运行代码,则攻击者完全可以接管该机器。
But once an attacker can run code on such a machine, the attacker instantly attains complete control.
但是,一旦攻击者可以在这样的机器上运行代码,就可以立即获取完全控制。
Even if an attacker broke into a game program, all he could do would be to change the score files.
即使攻击者攻击并进入了一个游戏程序,所有他能做的事情将是修改分数文件。
If this occurred, the sequence Numbers would definitely be different than what we expected. This also protects us from an attacker dropping a message.
如果他这么干,则序列号一定和我们所期待的不一样,这就保护了我们不受攻击者们扔消息的攻击。
If an attacker can cause a buffer to overflow, then the attacker can control other values in the program.
如果攻击者能够导致缓冲区溢出,那么它就能控制程序中的其他值。
Let us assume an attacker succeeded in filling a page containing malicious script to the Web site for the subscribed members.
让我们假设攻击者成功地将一个包含恶意脚本的页面填入到订阅成员使用的网站上。
The problem is that if an attacker can control the underlying libraries used by a program, the attacker can completely control the program.
问题是,如果攻击者可以控制程序用到的底层库,那么攻击者就可以控制整个程序。
By splitting systems apart like this, you avoid the probability (or at least lessen the risk) of an attacker breaching a server and getting access to data or even internal systems.
通过以这种方式分开系统,就可以避免(至少降低了风险)攻击者进入服务器,然后访问数据或内部系统。
The attacker, a veteran systems administrator, has a problem with her job and takes it out on the systems she is trusted to administer, manage, and protect.
攻击者,一名经验丰富的系统管理员,在工作中遇到了问题,而拿她自己管理、保护的系统发泄。
In most cases, if you create a list of "illegal" characters, an attacker will find a way to exploit your program.
在绝大多数情况下,如果您创建了一个“非法”字符的列表,攻击者还是可以找到利用您的程序的方法。
If a system authenticates based solely on fingerprints, an attacker could reasonably construct a fake hand after carefully gathering fingerprints of an authorized user of the system.
如果系统认证仅基于指纹,则攻击者可以在仔细搜集了系统已认证用户的指纹后适当地构造一只假手。
The second step is to identify vulnerabilities that a hacker or attacker could maliciously exploit.
第二步是确定电脑黑客或攻击者可能恶意攻击的漏洞。
In the real world, we validate signatures by sight, even though a skilled attacker can reliably forge a signature that most people cannot distinguish from the original.
在现实世界中,我们通过视觉验证签名,即使如此,老练的攻击者还是可以伪造一个签名,大多数人都无法将它与原始签名区别开来。
应用推荐