[转载]Exploiting & Defending Against Search Engine Attacks

信息来源：johnny.ihackstuff.com

Port Scan, Server Identification / Profile (IIS/Apache/Tomcat/.. ), Gather Information, Vulnerability Scan Reports (Information left by auditors / hackers for us), Find other points of entry (Login Portals / Terminal Servers), Database Injection, Devices (Firewalls/Routers/Virus/Phone/Webex/Print).

http://www.securitycompass.com/r ... earch%20Attacks.pdf

现在服务器的设置2M附件为最大，所以尽管PW的后台设置最大附件为10M，也没办法上传，因此只能帖出地址给大家下载。：）