
In recent years, Information Technology has been developing rapidly, the abilities of Internet are widen, computer technology has penetrated into all areas of society, various technical support system, the Internet site has emerged, and they became the core of many enterprise business. The advent of the Internet has changed people's lives in revolutionary way, accompanied by the age of the Internet into our life is a wide variety of Web sites. These sites allow us to understand information which we want to know about easily, we can also find shopping sites, such as Taobao, Jingdong, and buy goods without any movements.
The Internet has brought convenience at the same time, network security issues also come up and become great problems, faced by major companies in the information era. Many sites lack of safety awareness in the development process, leading all kinds of loopholes, which are exploited to cause user data to be stolen, resulting in losses that cannot be avoided. We often see news about some websites’ data was stolen by hackers, this indicates that the network has become an Internet primary security issues that company should consider.
The thesis begins from common network attacks, from system level, and network level, and Website level, describe the ways of website suffering from the attack nowadays; then passage reorganize a more common schema on the basis of the common web schema mode. And based on that, the passage figure out a feasible program solution, according to common schema of cyberattack form the aspects of invasion defense, and data encryption, and firewall deployment. And the thesis show the process and effect compared to the open-source implementation of security products.Finally, the passage briefly illustrates the issues about cloud security related to the popular cloud technologies nowadays.
Key Words:Network Security Site Architecture Distributed Cloud Platform Database Server Site Server
第一章主要是描述了本文的研究背景以及对于网络安全的国内外现状分析。 [资料来源:www.doc163.com]

第1章 绪论 1
1.1背景描述 1
1.2国内外现状分析 1
1.3本文组织结构 2
第2章常见web攻击方式描述 3
2.1系统服务器攻击 3
2.1.1操作系统漏洞攻击 3
2.1.2系统扫描攻击 3
2.1.3病毒木马攻击 6
2.2web站点攻击 6
2.2.1注入 6
2.2.2失效的身份认证和会话管理 7
2.2.3跨站脚本 7
2.2.4不安全对象的直接引用 8
2.2.5安全配置错误 8
2.2.6敏感信息泄露 8
2.2.7功能级访问控制缺失 8
2.2.8跨站请求伪造 8
2.2.9使用含有已知漏洞的组件 8
2.2.10未验证的重定向和转发 8
2.3web服务器攻击 9
第3章网站架构描述 10
3.1典型的网站架构 10
3.2缓存、分布式服务架构 10
3.3负载均衡、反向代理、服务器集群 11
3.4用户使用流程分析 12
第4章网站安全架构设计与实施 13
4.1操作系统漏洞 13
4.1.1自动安装更新 13
4.1.2关闭不必要的端口 14
4.1.3关闭window默认共享 15
4.1.4服务器用户权限设计 16
4.2服务器网络划分 18
4.3数据加密存储和传输以及备份 19
4.3.1数据加密存储 19
4.3.2数据加密传输 20
4.3.3部署数据备份服务器 20
4.4部署web应用防火墙 21
4.5部署入侵检测系统 22
4.6部署入侵防御系统 23
4.7部署防病毒模块 23
4.8部署审计模块 24
第5章云安全简要描述 25
5.1云安全现状分析 25
5.2云安全发展趋势 25
第6章 实例演示—SQL注入漏洞利用 26
第7章 总结 32 [资料来源:Doc163.com]