Three ways to troubleshoot IIS 6 directory check security vulnerabilities

Source: Internet
Author: User
Tags iis
iis| Security | security Vulnerabilities | solution

Description of Windows 2003 Enterprise Edition IIS6 Directory Check Vulnerability

1, Windows 2003 Enterprise Edition is Microsoft's current mainstream server operating system. Windows 2003 IIS6 has a vulnerability to file resolution paths when the folder is named similar to hack. At the time of ASP (that is, the folder name looks like the filename of an ASP file), any type of file under this folder can be executed as an ASP program in IIS. So the hacker can upload the extension of jpg or GIF and so on looks like a picture file Trojan file, by accessing this file can run the Trojan horse.

2, the extension of the Jpg/gif Trojan check method:

Use the details in explorer and view them by category. Click "View" menu--"Select Details"--check "size", OK. At this point, the normal picture file will show the size of the picture, if not shown, then 99% can certainly be a Trojan file. Use Notepad program to open 100% OK.

3, the scope of vulnerability impact:

Installed the IIS6 server (windows2003), the vulnerability characteristics of the site's management authority was stolen, resulting in the Web site was hacked. Because Microsoft has not yet released the patch for this vulnerability, almost all sites will have this vulnerability.

second, how to solve IIS6 security vulnerabilities?

A Scheme: Patching

The installation of the patch is a more insurance method, but the vulnerability has been found for some time, Microsoft has not released the relevant patches.

Plan B: Website programmer to solve

For those websites that allow registration of accounts, when the Web site program is written, programmers usually use the name of a registered username to set up a folder to hold the user's data for easy administration. For example, some pictures, text and so on information. Hackers are using this feature To register the name of a subsequent masterpiece by A. Or. cer, specifically through the website, then through such as the ASP file containing Trojans to the. jpg and other methods, the file uploaded to the server, due to IIS6 vulnerabilities, JPG files can be run through IIS6, Trojan also with the operation, reached the purpose of attacking the site, this situation, can To be limited by the programmer to the registered user name, excluding some registered names with *.asp *.asa and other character names. Strengthen the site's own security and preventive measures. In addition, you want to prevent users from renaming the folder.

This method can be used to some extent to prevent some attack behavior, but this approach is very cumbersome to achieve, the site's developers in the security aspects of the program must have a good technology, and must be the entire site involved in file management procedures for inspection, a site less than dozens of, more than thousands of documents, It's quite time-consuming to check out, and it's inevitable that one or two of them will be missed.

In addition, there are many ready-made Web site system as long as the download after the upload to space can be used, the development of these existing Web site system programmers technical level is uneven, it is inevitable that some of these systems will exist this loophole, there is a considerable part of the system's source code is encrypted, many owners want to change also do not move, the face of loopholes can not be powerless.

C Scenario: Server Configuration Resolution

Site administrators can prevent this vulnerability by modifying the configuration of the server. How do I configure the server? Many sites allow users to upload a certain number of pictures, flash, and so on, many times the site developers in order to facilitate the future management, the uploaded files are unified into a designated folder, the administrator as long as the folder to execute the permissions set to "None", so that a certain degree of vulnerability can be prevented.

D Solution: The service provider solves the server to unify the whole filtration, by writes the component to limit this behavior. But there are not many host providers that can do this kind of technical service.

third, how to solve the problem of the world

Linkage World Www.72e.net with its strong technology development capabilities, after a long period of development testing, and finally developed a powerful security filter system, can be a good solution to IIS directory detection vulnerabilities. This security system mainly has the following functions:

1. Safety detection function

The security filtering system will detect the URLs requested by the visitor. When a visitor visits the website of our server, the security system will first detect whether the URL of this page is placed in a folder with directory security problems, if it is automatically stop the implementation of the page, effectively prevent hackers to exploit this vulnerability intrusion site system, Greatly improve the security of the site.

2, the program error detection

This security filtering system unique Web page program error detection function, the user can view the program error situation through the Virtual Host Control Panel, greatly facilitates the program optimization, the procedure wrong work, avoids the user to analyze those shy difficult to understand, and the massive website log file.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.