IIS vulnerabilities in Windows server and how to fix them
I can safely say that the common goal of Windows Server administrators is to run a suitably resilient system. There are plenty of cyber security threats in the world, and the last thing you want is for someone on the other side of the globe, or someone inside your own organization, to exploit IIS or Windows vulnerabilities that could have been avoided.
You may not have control at the application level, but there is a lot you can do at the server level to make your IIS-based system more secure. Looking back over many years of web security assessment projects, the following are the IIS vulnerabilities that most often affect Windows servers.
Unhandled exceptions are generated (HTTP 500 errors)
This leaks sensitive configuration information and facilitates SQL injection attacks. The server-side fix is to turn off detailed error messages in the server's web.config file, as follows:
<!-- RemoteOnly: detailed errors are shown only to requests from the local machine; remote clients are sent to the redirect pages -->
<customErrors mode="RemoteOnly" defaultRedirect="apperrors.aspx">
  <error statusCode="404" redirect="nosuchpage.aspx"/>
  <error statusCode="403" redirect="noaccessallowed.aspx"/>
  <error statusCode="500" redirect="requestnotallowed.aspx"/>
</customErrors>
View state encryption and MAC are disabled
This lets an attacker tamper with sensitive parameters and gain unauthorized access. The server-side fix is to enable view state encryption and MAC (hash-based integrity checking) for all application pages in the server's web.config file, as follows:
<system.web>
  <!-- Encrypt view state and validate its MAC on every page of the application -->
  <pages viewStateEncryptionMode="Always" enableViewStateMac="true"/>
  <!-- 3DES is the value given here; on .NET 4.x, validation="HMACSHA256" together with decryption="AES" is the stronger choice -->
  <machineKey validation="3DES"/>
</system.web>
Unencrypted HTTP connections are allowed
This exposes login credentials and other sensitive information, because everything exchanged with the web server travels in clear text. The server-side fix is to require TLS version 1.1 and to encrypt the entire web page/application, not just the login form.
SSL versions 2 and 3 and weak encryption algorithms are enabled
This facilitates man-in-the-middle attacks and can lead to leaks of sensitive information. The server-side fix is to require TLS version 1.1 and to disable weak ciphers such as RC4.
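The two TLS points above come down to the SCHANNEL registry keys that decide which protocols and ciphers IIS (through HTTP.sys) will negotiate. The following script is an added example, not code from the original article: it reports the current state of each protocol and RC4 cipher key and, with -Remediate, applies the recommendation; it assumes it is run elevated on the server itself.

```powershell
# Added example: audit and optionally harden SCHANNEL protocol/cipher settings.
# Run elevated on the server; registry changes take effect after a reboot.
param([switch]$Remediate)

$root = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'
$hklm = [Microsoft.Win32.Registry]::LocalMachine

function Get-SchannelState([string]$SubKey) {
    # An absent key or value means the OS default applies, which on older
    # Windows releases still leaves SSL 2.0/3.0 and RC4 enabled.
    $key = $hklm.OpenSubKey("$root\$SubKey")
    if ($null -eq $key) { return 'OS default (key absent)' }
    $enabled = $key.GetValue('Enabled')
    $key.Close()
    if ($null -eq $enabled) { return 'OS default (value absent)' }
    if ($enabled -eq 0) { return 'disabled' }
    return 'enabled'
}

function Disable-SchannelItem([string]$SubKey, [bool]$IsProtocol) {
    # Enabled=0 switches the item off; protocols also get DisabledByDefault=1
    # so they are not offered when a caller does not name protocols explicitly.
    # The .NET registry API is used because cipher key names contain '/'
    # (e.g. "RC4 128/128"), which the PowerShell provider treats as a separator.
    $key = $hklm.CreateSubKey("$root\$SubKey")
    $key.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
    if ($IsProtocol) {
        $key.SetValue('DisabledByDefault', 1, [Microsoft.Win32.RegistryValueKind]::DWord)
    }
    $key.Close()
}

# Server-side items the article says to turn off.
$weakProtocols = 'SSL 2.0', 'SSL 3.0'
$weakCiphers   = 'RC4 128/128', 'RC4 64/128', 'RC4 56/128', 'RC4 40/128'

foreach ($p in 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
    '{0,-16} {1}' -f "$p server:", (Get-SchannelState "Protocols\$p\Server")
}
foreach ($c in $weakCiphers) {
    '{0,-16} {1}' -f "${c}:", (Get-SchannelState "Ciphers\$c")
}

if ($Remediate) {
    foreach ($p in $weakProtocols) { Disable-SchannelItem "Protocols\$p\Server" $true }
    foreach ($c in $weakCiphers)   { Disable-SchannelItem "Ciphers\$c" $false }
    'Weak protocols and RC4 ciphers disabled; reboot to apply.'
}
```

Run it once without -Remediate to record the baseline, then again after the reboot to confirm the change stuck.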
Cross-frame scripting is possible
This facilitates clickjacking, in which users are tricked into clicking on something different from what they think they are clicking. The server-side fix is to set the X-Frame-Options response header to DENY, SAMEORIGIN or ALLOW-FROM, depending on your specific needs.
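In IIS the header is a customHeaders entry under system.webServer/httpProtocol, which can be managed from PowerShell. The script below is an added example, not the article's own code: it reads the site's current X-Frame-Options value and sets it, accepting only the three values named above; it assumes the WebAdministration module is available and a site named 'Default Web Site'.

```powershell
# Added example: get/set X-Frame-Options for an IIS site via WebAdministration.
Import-Module WebAdministration

$siteName = 'Default Web Site'                       # assumption: adjust to your site
$psPath   = "IIS:\Sites\$siteName"
$filter   = 'system.webServer/httpProtocol/customHeaders'

function Get-XFrameOptions {
    # Returns the current header value, or $null when the site does not send it.
    $hdr = Get-WebConfiguration -PSPath $psPath -Filter "$filter/add" |
           Where-Object { $_.name -eq 'X-Frame-Options' }
    if ($hdr) { $hdr.value } else { $null }
}

function Set-XFrameOptions {
    # Only the three defined values are accepted. ALLOW-FROM takes exactly one
    # origin and is ignored by current browsers, which honour the
    # Content-Security-Policy frame-ancestors directive instead, so prefer
    # DENY or SAMEORIGIN unless legacy browsers are the target population.
    param(
        [ValidatePattern('^(DENY|SAMEORIGIN|ALLOW-FROM https?://[^\s]+)$')]
        [string]$Value
    )
    if ($null -ne (Get-XFrameOptions)) {
        # Header already present: update it in place.
        Set-WebConfigurationProperty -PSPath $psPath `
            -Filter "$filter/add[@name='X-Frame-Options']" -Name value -Value $Value
    } else {
        # Header missing: append a new <add name="..." value="..."/> entry.
        Add-WebConfigurationProperty -PSPath $psPath -Filter $filter -Name '.' `
            -Value @{ name = 'X-Frame-Options'; value = $Value }
    }
}

'Before: {0}' -f (Get-XFrameOptions)
Set-XFrameOptions -Value 'SAMEORIGIN'
'After:  {0}' -f (Get-XFrameOptions)
```

The same setting can be checked from outside with any HTTP client by looking for the X-Frame-Options line in the response headers.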
Sensitive server directories and files are publicly accessible
This can expose system configuration information, source code and other sensitive data. The server-side fix is to grant the public (anonymous) user only the permissions that are strictly necessary.
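One way to check for over-broad permissions is to walk the site's content tree and list every ACL entry that gives write-type rights to an identity an anonymous request can run as. The script below is an added example, not the article's own code; it assumes the WebAdministration module and a site named 'Default Web Site', and reads ACLs only.

```powershell
# Added example: find write-type ACEs for public/IIS identities under a site root.
Import-Module WebAdministration

$siteName = 'Default Web Site'                       # assumption: adjust to your site
$siteRoot = [Environment]::ExpandEnvironmentVariables(
    (Get-Item "IIS:\Sites\$siteName").physicalPath)

# Principals a public request may run as: the IIS anonymous account, the IIS
# worker-process group, application-pool identities, and the broad built-ins.
$publicPattern = '(^|\\)(IUSR|IIS_IUSRS|Users|Authenticated Users|Everyone)$|^IIS APPPOOL\\'

# Bits that let a principal change content or the ACL itself. Read bits are
# deliberately left out: the public user must read content in order to be served it.
$writeBits = [System.Security.AccessControl.FileSystemRights] `
    'WriteData,AppendData,Delete,DeleteSubdirectoriesAndFiles,ChangePermissions,TakeOwnership'

function Find-PublicWriteAccess([string]$Path) {
    $dirs = @(Get-Item $Path) + @(Get-ChildItem -Path $Path -Recurse -Directory)
    foreach ($d in $dirs) {
        $acl = Get-Acl -Path $d.FullName
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($ace.IdentityReference.Value -notmatch $publicPattern) { continue }
            # Generic-right ACEs (e.g. inherit-only GENERIC_WRITE) are not expanded here.
            if (([int]$ace.FileSystemRights -band [int]$writeBits) -eq 0) { continue }
            [pscustomobject]@{
                Path      = $d.FullName
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

Find-PublicWriteAccess $siteRoot | Format-Table -AutoSize
```

An empty result is the goal for static content; upload or log directories that legitimately need write access should be the only rows that remain.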
Windows patches have not been applied
This can enable anything from a denial-of-service attack to full remote control of the web server using tools such as Metasploit. The server-side fix is to patch your server, which is a simple operation. Even if it means taking the server out of production for a while, you need to patch the server fully and consistently to maintain a secure web environment.
Most of these vulnerabilities may not be rated "critical", but they are long-standing problems. As you can see, they are relatively simple to fix; the only thing they cost is your time. Finding and resolving them improves the security of the business and helps vulnerability scanning and security assessment reports come back clean.
Once you have dealt with the fundamentals of web server security, you can turn to the larger, and generally more complex, set of security flaws in the web application itself. These include cross-site scripting (one of the most common vulnerabilities), SQL injection (less common but deadly), weak user authentication and session management. That is where the real fun begins.