台灣2002年衛生署健康網站評獎活動參與網站之內容建置與網路安全性技術分析

The Technical Analysis of the Content Components and Web Security for the 2002 Health-Web-Award-Program Enrolled Sites in Taiwan

健康網站提供了一般民眾相當快速且方便取得的衛教資訊，健康網站內容的正確性與品質關係到國民衛生保健品質之優劣。衛生署於91年舉辦健康網站評獎活動，本研究針對參與的212個網站，掃描網站內容資料量及連結性的狀況並對商業性、個人、及基金協學會、教學醫院四類型網站進行比較，利用Xenu軟體取得網站的網頁內容連結、資料量，及利用Twwscan軟體及自行撰寫DOS模式下的bat批次程式來進行網路掃描，取得各網站所使用作業系統、網頁伺服器、CGI程式等三大類相關資料，以獲取各網站的架構與系統；此外，對所有參賽網站進行網站安全漏洞掃描，最後使用SPSS及微軟之MS Excel軟體加以分析統計。研究結果得到利用Xenu軟體成功掃描189(89.2％)個網站，利用Twwwscan軟體成功掃描196(92.5％)個網站。顯示以網站的內容資料分析來看發現網站中仍以圖文資料類最多，佔9成以上，以網站架構來看約62％網站使用windows作業平台及IIS伺服器，以網站安全性來看平均每個網站約有5個網站弱點被偵測出來，並建議未來可依此方法建立一個長期之網站監控警告系統。

The Department of Health (DOH, Taiwan) sponsored an evaluation campaign for Taiwan's healthcare Web sites in 2002. There were 212 Web sites voluntarily registered and divided into 4 groups include Commercial sites, foundational / institutional, teaching hospital, and individual sites with this campaign. In this study, we employed Xenu and Twwwscan network software scans to assess associated data such as Webpage content, links, data volumes, operating systems, Web servers and CGI scripts, of the 212 Web sites having participated in this campaign. We simultaneously conducted a statistical analysis of potential Web vulnerabilities for each site using SPSS and MS Excel. The result, we find graphic and text (about 90%) are the most part of web site contents. And using the structure for MS Windows Operation System and IIS web server are about 62% of all. Average, about 5 web vulnerabilities for each web site. We also discussed the relationship between Web site content, data volumes, evaluation and linking status, and attempt to outline the current situation of each site's security and applied techniques. We suggesting to building a web sites monitor system to serve these web sites in the future.