Thu, 25 Jun 2009 01:20:00 GMT希望能在这里和大家交流讨论信息安全领域的技术。http://blog.csdn.net/chengyun_chu/http://blog.csdn.net/chengyun_chu/archive/2009/06/25/4296262.aspxhttp://blog.csdn.net/chengyun_chu/comments/4296262.aspx0http://blog.csdn.net/chengyun_chu/comments/commentRss/4296262.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=4296262跨站脚本Cross-Site Scripting（XSS）是最为流行的Web安全漏洞之一。据统计，2007年，跨站脚本类的安全漏洞的数目已经远远超出传统类型的安全漏洞【1】。那么，什么是跨站脚本？它的危害性是什么？Web开发人员如何在开发过程中避免这类的安全漏洞？就是我们这篇文章要讨论的内容。<img src ="http://blog.csdn.net/chengyun_chu/aggbug/4296262.aspx" width = "1" height = "1" /><img src="http://www1.feedsky.com/t1/236815331/chengyun_chu/csdn.net/s.gif?r=http://blog.csdn.net/chengyun_chu/archive/2009/06/25/4296262.aspx" border="0" height="0" width="0" style="position:absolute" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815331/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815331/art01.gif" onerror="this.style.display='none'" /></a></p>Thu, 25 Jun 2009 09:20:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/06/25/4296262.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2009/06/25/4296262.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/06/25/4296262.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815331/1298450http://blog.csdn.net/chengyun_chu/archive/2009/03/21/4010068.aspxhttp://blog.csdn.net/chengyun_chu/comments/4010068.aspx0http://blog.csdn.net/chengyun_chu/comments/commentRss/4010068.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=4010068Ryan对Charlie Miller的采访。这位老兄刚刚在CanSecWest上的黑客大赛上攻陷了Safari浏览器。 <img src ="http://blog.csdn.net/chengyun_chu/aggbug/4010068.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815332/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815332/art01.gif" onerror="this.style.display='none'" /></a></p>Sat, 21 Mar 2009 13:07:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/03/21/4010068.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2009/03/21/4010068.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/03/21/4010068.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815332/1298450http://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854255.aspxhttp://blog.csdn.net/chengyun_chu/comments/3854255.aspx0http://blog.csdn.net/chengyun_chu/comments/commentRss/3854255.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3854255IE 8 安全特性<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3854255.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815333/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815333/art01.gif" onerror="this.style.display='none'" /></a></p>Thu, 29 Jan 2009 14:30:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854255.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854255.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854255.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815333/1298450http://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854254.aspxhttp://blog.csdn.net/chengyun_chu/comments/3854254.aspx0http://blog.csdn.net/chengyun_chu/comments/commentRss/3854254.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3854254祝大家牛年快乐，万事如意<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3854254.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815334/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815334/art01.gif" onerror="this.style.display='none'" /></a></p>Thu, 29 Jan 2009 14:26:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854254.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854254.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2009/01/29/3854254.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815334/1298450http://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458613.aspxhttp://blog.csdn.net/chengyun_chu/comments/3458613.aspx2http://blog.csdn.net/chengyun_chu/comments/commentRss/3458613.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3458613<br />大牛蛙的博客，对微软安全漏洞感兴趣的可不要错过哦！有时候还有小道消息提供。:)<br /><br />http://blogs.technet.com/secure/default.aspx<br /><img src ="http://blog.csdn.net/chengyun_chu/aggbug/3458613.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815335/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815335/art01.gif" onerror="this.style.display='none'" /></a></p>Sat, 06 Dec 2008 17:15:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458613.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458613.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458613.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815335/1298450http://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458584.aspxhttp://blog.csdn.net/chengyun_chu/comments/3458584.aspx0http://blog.csdn.net/chengyun_chu/comments/commentRss/3458584.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3458584中国软件安全峰会部分讲座的个人笔记<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3458584.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815336/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815336/art01.gif" onerror="this.style.display='none'" /></a></p>Sat, 06 Dec 2008 16:26:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458584.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458584.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/12/06/3458584.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815336/1298450http://blog.csdn.net/chengyun_chu/archive/2008/11/05/3230088.aspxhttp://blog.csdn.net/chengyun_chu/comments/3230088.aspx1http://blog.csdn.net/chengyun_chu/comments/commentRss/3230088.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3230088<br />上一篇有关C/C++禁用危险的API的一文里面没有提到：如果在编译中禁止使用这些危险的API。<br /><br />很简单，<br /><br />#include "banned.h"<br /><br />即可。<br /><br />用户可以从以下链接中直接下载http://download.microsoft.com/download/2/e/b/2ebac853-63b7-49b4-b66f-9fd85f37c0f5/banned.h<br /><br />如果打开banner.h，可以看到，里面有<br /><br />#       pragma deprecated (strlen, wcslen, _mbslen, _mbstrlen, StrLen, lstrlen)<br /><br />通过这种方法，就可以通知编译器对调用危险API报告错误信息。<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3230088.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815337/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815337/art01.gif" onerror="this.style.display='none'" /></a></p>Thu, 06 Nov 2008 06:37:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/11/05/3230088.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2008/11/05/3230088.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/11/05/3230088.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815337/1298450http://blog.csdn.net/chengyun_chu/archive/2008/10/24/3134568.aspxhttp://blog.csdn.net/chengyun_chu/comments/3134568.aspx0http://blog.csdn.net/chengyun_chu/comments/commentRss/3134568.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3134568今天早上微软发布了一个紧急安全公告 MS08-067<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3134568.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815338/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815338/art01.gif" onerror="this.style.display='none'" /></a></p>Fri, 24 Oct 2008 15:18:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/10/24/3134568.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2008/10/24/3134568.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/10/24/3134568.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815338/1298450http://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127845.aspxhttp://blog.csdn.net/chengyun_chu/comments/3127845.aspx4http://blog.csdn.net/chengyun_chu/comments/commentRss/3127845.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=312784511月份的三个和计算机安全有关的会议。<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3127845.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815339/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815339/art01.gif" onerror="this.style.display='none'" /></a></p>Thu, 23 Oct 2008 14:49:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127845.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127845.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127845.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815339/1298450http://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127844.aspxhttp://blog.csdn.net/chengyun_chu/comments/3127844.aspx16http://blog.csdn.net/chengyun_chu/comments/commentRss/3127844.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=3127844C/C++代码中禁用危险的API，其主要目的是为了减少代码中引入安全漏洞的可能性。<img src ="http://blog.csdn.net/chengyun_chu/aggbug/3127844.aspx" width = "1" height = "1" /><p class="fswww1"><a href="http://www1.feedsky.com/r/l/csdn.net/chengyun_chu/236815340/art01.html" target="_blank"><img border="0" ismap="ismap" src="http://www1.feedsky.com/r/i/csdn.net/chengyun_chu/236815340/art01.gif" onerror="this.style.display='none'" /></a></p>Thu, 23 Oct 2008 14:47:00 +0800褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127844.aspx#Feedbackhttp://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127844.aspx褚诚云http://blog.csdn.net/chengyun_chu/archive/2008/10/23/3127844.aspxhttp://blog.csdn.net/chengyun_chu/rss.aspxcsdn.net/chengyun_chu/~1295556/236815340/1298450