入侵者

可以直接访问Web容器的入侵者只需要提供这一相同的头，就可以成为任何人。

An intruder that can access the Web container directly can become anyone simply by providing this same header .

基于计算机的攻击：在这种情况中，入侵者已经可以访问运行WebSphereApplicationServer的计算机。

Machine-based attacks : In this case , the intruder has access to a machine on which WebSphere Application Server is running .

1719年6月，部队在格兰舍一役击败了入侵者，直至此时他们才最终覆灭。

The invaders were only finally crushed when troops overcame them at Glenshiel in June 1719 .

入侵者破坏了，嗯，我不知道用什么字眼好——气氛，氛围。

The invaders have destroyed the , oh , I don 't know what the right word is — the atmosphere , the ambience .

我们彻底消灭了入侵者。

We annihilated the intruders .

我们不能向入侵者屈服。

We can never bow the neck to any invaders of our country .

他们伏击入侵者。

They ambushed the invaders .

广大军民同心同德，坚决打败入侵者。

The broad masses of people and armymen fought staunchly with one heart and one mind to defeat the aggressors .

我们和邻国团结一致共同抵抗入侵者。

We made common cause with neighbouring countries against the invaders .

遭到惨败之后，入侵者溃退了。

Badly beaten , the intruders fell back in disorder .

他们紧密团结，抵抗入侵者。

They banded themselves closely against the invaders .

入侵者把所有的东西洗劫一空。

The invaders put all to the sack .

入侵者抢走了许多牲口。

The invaders carried away lots of cattle .

一个国家得有决心击退任何入侵者。

A country must have the will to repel any invader .

我们的免疫系统总是在全身各处巡查，击退病毒等不友好的入侵者。

Our immune system constantly patrols our body fighting off hostile invaders2 such as viruses .

关键的问题是入侵者是使用定义良好的API和协议来进行攻击的。

The key is that the attack is executed using well-defined APIs and protocols .

当细菌遭到病毒的入侵时，会使用“分子剪刀”——一种DNA内切酶来切掉入侵者。

Bacteria , when invaded by a virus , deploy " molecular scissors " - a DNA-cutting enzyme that chops up the invader .

Levy表示人体可能会认为鳄鱼蛋白质是外来入侵者而拒绝他们。

Levy said the human body might reject alligator proteins , thinking they 're foreign invaders .

图1展示一个入侵者站点通过一个经过验证的mashup页面向一个mashup服务器发送请求。

Figure 1 shows an intruder site issuing requests to a mashup server through an authenticated mashup page .

最后，在有一个入侵者的情况下，通过使用BAN风格的逻辑证明所期望的属性分析了协议的强度和正确性。

Finally the protocol is analyzed for its strength and correctness by proving the desired properties using BAN style logic in the presence of an intruder .

另一种更狡猾的攻击方法是，入侵者可以修改通过HTTP返回的任何页面&甚至包括页面中嵌入的URL。

An even more subtle attack is that any page returned over HTTP can be potentially altered by an intruder & even URLs embedded in the page .

后来的入侵者包括阿拉伯人（Arabs），突厥人（Turks）和蒙古人（Mongols），他们占领了这片土地。

Later invaders included Arabs , Turks and Mongols , many of which settled the lands .

XML并没有提供访问控制，因此威胁XML驱动的应用程序安全性的入侵者不仅仅会威胁到应用程序所关心的数据的安全性&XML文档中的所有内容都是可访问的。

XML doesn 't offer access control , so a black hat who compromises an XML-driven application isn 't just limited to the data the application cares about & everything in the XML document is accessible .

该小BUG可以不经入侵者同意而上传攻击代码，甚至可以写入到他的自动运行的文件目录中。

That hole allowed him to upload an attack file the hacker hadn 't asked for , and even write it into the server 's autostart directory .

入侵检测系统（IntrusionDetectionSystem简称IDS）是一种利用入侵者留下的痕迹，或入侵者发送数据包的特征等信息来有效地发现来自外部或内部的非法入侵的网络应用系统。

Intrusion Detection System is a kind of network application system , designed to efficiently inspect or identify all inbound and outbound illegal network activity by information , for instance , traces left by attackers or features of digital bags .

入侵者发动CSRF攻击所使用的一种技术是将一个URL嵌入到标记的src属性中。

One technique intruders use to initiate a CSRF attack is to embed a URL within the src attribute of an tag .

本周稍早时间，微软为IE中一个备受瞩目的安全缺陷提供了临时解决办法，那个漏洞为入侵者大开方便之门，受害人的IE会宕机并且任意代码得以在其电脑上运行。

Microsoft earlier this week offered a workaround for a known flaw in the Web browser that opens the door for intruders to crash IE and to run arbitrary code .

如果EJB层不安全（请参见下一部分），则入侵者可以使用伪造的凭证直接调用EJB，使应用程序的安全性无效。

If the EJB layer is not secured ( see the next section ), intruders can call an EJB directly with forged credentials , rendering the application 's security meaningless .

一个mashup页面中的入侵者常常利用这种情况来绕开浏览器限制并重定向敏感数据，然后再记录这些数据。

This situation is often exploited by intruders in a mashup page in order to side-step browser restrictions and to redirect sensitive data that is then recorded .

这种攻击只在一种情况下可行：入侵者站点使mashup页面为其将请求代理到企业mashup服务器。

This attack is only possible if the intruder site gets the mashup page to proxy the requests to the corporate mashup server for the intruder site .