How does a web-server works for us?
When you type the following url on your browser address bar, http://www.mylovleyblog.com/articles/coocking
few things happens just before you see the text and images.
The browser connect to mylovleyblog.com and “say”: “hey: can I have /articles/cooking” mylovelyblog.com server “looks” (mostly in a database) and reads all the cooking articles then the server wraps up all the information in a browser native language (yap! that’s HTML) sends to the browser
Let’s say a users wish to post a comment.
- The browser connect to mylovleyblog.com and “say”: “hey: Can you store “THE VISITOR COMMET” under /articles/cooking”
- mylovelyblog.com server stores the comment in the database and tag it under cooking articles
- then the server wraps the page content in HTML
- sends it to the browser.
What if the comment a user just posted to /articles/cooking looks like that: **********************************************************************************
“I just found another article using a completely different approach bla bla…… Take a look at www.infectedsitewithlotsofmalwre.net“ ← malicious site **********************************************************************************
So the comment is now stored in the database and your local antivirus should detect it, right?
Well, probably not, there are plenty of databases out there with different formats that your local antivirus cannot read, also the comment might be stored encrypted to prevent local antivirus detecting it.
That’s the magic of external antivirus scanning, it sees your website exactly the same way as your users do (like opening the website on a browser), it doesn’t matter anymore where and how the comment is stored in the database, if it out there on your website the external antivirus will detect it. Simple yes, but it works like a charm :-)
No comments:
Post a Comment