9 ways to prevent Access databases from being downloaded

Source: Internet
Author: User
Tags: odbc, ole, stack trace, access database, least privilege, ntfs permissions

Lead: the belief that renaming an .mdb file to .asp prevents it from being downloaded is nonsense.

Introduction: Yesterday I ran a quick test. I renamed the data.mdb file to data.asp in the wwwroot directory, then requested the data.asp path in IE. IE showed a blank page; right-click -> View Source opened Notepad, and I saved that content as an .mdb file. Opening it with Access prompted for a password, which means that at least the file header had been corrupted.
I then downloaded data.asp with FlashGet, saved it as data.mdb, and Access opened it intact!!! It seems that a good number of programmers assume, when developing, that changing the .mdb suffix to .asp prevents downloads; that assumption is wrong. For an ASP + Access site, having the back-end database downloaded is nothing short of a disaster. Today I searched the available articles and summarized the following 9 ways to prevent the database from being downloaded (additions welcome):


1. Use your imagination and change the database file name
Needless to say, this is the laziest method; if the attacker obtains the database path through some third party, the game is over. For example, an attacker who has only directory-listing rights may nevertheless see the database path and happily download the database to study it. In addition, the data file is usually large, and a disguised file name fools nobody. Its secrecy is therefore the lowest.


2. Change the database suffix to .asa, .asp, etc.

This method must be combined with some additional settings, otherwise the situation described at the beginning of this article will occur.

(1) Add a binary field (I have not yet worked this trick out).

(2) Add <% or %> to the file; IIS will then parse it as ASP, report a 500 error, and the file naturally cannot be downloaded. But simply adding <% to a Text or Memo field in the database does not work, because Access processes the content and stores it in the database in a form that IIS does not treat as an ASP tag, so it is ineffective. The correct approach is to save the <% into an OLE Object field; that achieves our purpose.
How to do it:
First, use Notepad to create a text file whose content is <%, and give it any name.
Next, open your database file with Access, create a new table, name it, add an OLE Object field to the table, add a record, and insert the previously created text file into it. If done correctly, you should see a new record named "Packet". Done.


3. Add "#" in front of the database name
Simply add # at the start of the database file name, then modify the database address in the database connection file (such as conn.asp). The principle is that a downloader only recognizes the part of the name before the # sign and automatically discards what follows it. For example, if you want to download http://www.pcdigest.com/date/#123.mdb (if it existed), whether you use IE, FlashGet or another tool, what is actually fetched is http://www.test.com/date/index.htm (index.asp, default.jsp or whatever home-page document you set up in IIS).
In addition, keeping a few spaces in the database file name plays a similar role. Because of the way the HTTP protocol resolves addresses, the space is encoded as "%", so http://www.test.com/date/123 456.mdb is requested as http://www.test.com/date/123%456.mdb, and since there is no file named 123%456.mdb in our directory, the download fails. With such a modification, even if you expose the database address, others normally still cannot download it!


4. Encrypt the database
First choose Tools -> Security -> Encrypt/Decrypt Database, select the database (e.g. employer.mdb) and confirm; in the "Encrypt Database As" window, save it as employer1.mdb. employer.mdb is then encoded and stored as employer1.mdb. Note that this step does not set a password on the database; it only encodes the database file so that others cannot view its contents with other tools.
Next we encrypt the database: open the encoded employer1.mdb, choosing "Exclusive" mode when opening it. Then select Tools -> Security -> Set Database Password from the menu and enter your password. Even if someone then obtains the employer1.mdb file, they cannot view employer1.mdb without the password.
After encryption, modify the database connection page, for example:
Conn.Open "Driver={Microsoft Access Driver (*.mdb)};uid=admin;pwd=<database password>;dbq=<database path>"
After this modification the database cannot be opened even if it is downloaded (provided the password on your database connection page is not leaked).
However, it is worth noting that because the Access database encryption mechanism is relatively simple, decryption is easy even with a password set. The database system forms the encrypted string by XOR-ing the password entered by the user with a fixed key and stores it in the region of the *.mdb file beginning at address &h42. A good programmer can easily write a small program of a few dozen lines to obtain the password of any Access database. Therefore, once the database has been downloaded, the security of its information remains uncertain.


5. Place the database outside the web directory, or place the database connection file under another virtual directory
If your web directory is e:\webroot, you can put the database in the e:\data folder and change the database connection address in the connection page under e:\webroot to "../data/database name". The database can then be called normally but cannot be downloaded, because it is not in the web directory! This method is generally not suitable for users who rent virtual hosting space.


6. Use an ODBC data source.
When designing ASP and similar programs, use an ODBC data source whenever conditions permit, and do not write the database name into the program; otherwise the database name leaks along with the ASP source code, for example:
DBPath = Server.MapPath("../123/abc/asfadf.mdb")
Conn.Open "Driver={Microsoft Access Driver (*.mdb)};dbq=" & DBPath
Clearly, no matter how strange the database name or how deep the hidden directory, once the ASP source code is leaked the database is very easy to download. With an ODBC data source this problem does not arise: Conn.Open "DSN=<dsn name>". But this is more annoying, since moving the directory means resetting the data source; for a more convenient approach, see methods 7 and 8!


7. Add an application mapping for the database extension, such as .mdb
This method is implemented by modifying IIS settings, so it suits those who control IIS and not virtual-host customers (unless the administrator has already set it up). I think this is currently the best method: modify one place and every database on the whole site is protected from download. No code changes are needed, and even exposing the target address cannot lead to a download.
In IIS properties -> Home Directory -> Configuration -> Mappings -> Application extensions, add an application mapping for the .mdb extension. Note that the choice of DLL (or EXE, etc.) does not appear to be arbitrary; with an improper choice the .mdb file can still be downloaded. In particular, it is best not to choose asp.dll. You can test this yourself.
After this modification, downloading a database such as http://www.test.com/data/dvbbs6.mdb produces a 404 or 500 error.
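The application-mapping dialog above belongs to IIS 5/6. On IIS 7 and later the same outcome (the .mdb is never served) is obtained with request filtering instead; the following PowerShell script is an added example, not from the article, and assumes the WebAdministration module, a site named "Default Web Site", and a placeholder test URL that you replace with a path on your own test server.

```powershell
# Added example: deny .mdb/.ldb downloads with IIS 7+ request filtering
# (the IIS 7+ replacement for the IIS 5/6 application mapping described above).
# Assumes the WebAdministration module and a site named "Default Web Site".
Import-Module WebAdministration

$site   = 'IIS:\Sites\Default Web Site'
$filter = 'system.webServer/security/requestFiltering/fileExtensions'

# Access writes a .ldb lock file next to the .mdb; deny both extensions.
# Newer IIS builds already list .mdb in the default deny list; this makes the
# setting explicit for the site so it survives a changed server default.
foreach ($ext in '.mdb', '.ldb') {
    $entry = Get-WebConfiguration -PSPath $site -Filter "$filter/add[@fileExtension='$ext']"
    if ($null -eq $entry) {
        Add-WebConfigurationProperty -PSPath $site -Filter $filter -Name '.' `
            -Value @{ fileExtension = $ext; allowed = 'False' }
    } else {
        Set-WebConfigurationProperty -PSPath $site -Filter "$filter/add[@fileExtension='$ext']" `
            -Name 'allowed' -Value 'False'
    }
}

# Verification: a denied extension is answered with 404.7 (file extension denied),
# which the client sees as a plain 404, independent of which handler is mapped.
$testUrl = 'http://localhost/data/dvbbs6.mdb'   # placeholder: a database path on your test site
try {
    $r = Invoke-WebRequest -Uri $testUrl -UseBasicParsing -ErrorAction Stop
    Write-Warning "Database is still downloadable: HTTP $($r.StatusCode)"
} catch {
    $code = [int]$_.Exception.Response.StatusCode
    if ($code -eq 404) { "OK: $testUrl is refused with HTTP 404" }
    else               { "Unexpected status $code for $testUrl" }
}
```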


8. Use the advantages of .NET
The netizen "Wooden Bird" has written the "Wbal anti-leech tool" to prevent illegal downloading of files; see http://www.9seek.com/wbal/ for details.
But that tool only prevents non-local downloads and does not really protect the database from being downloaded. However, it can be modified along the lines of method 5 into a .NET file, so that local downloads become impossible as well!

Of these methods, only the 7th and 8th are a unified change: once the configuration is modified, every database on the site is protected from download. The others require modifying the database name and connection files, which is more trouble, but for virtual-host users that is the only option!

In fact, the 6th method should be an extension of the 5th, and special features can be implemented with it; but for hosts that do not support .NET, or when you fear the setup is too troublesome, the 5th method is used directly. By default, with the 6th method the database address can still be copied into a forum or guestbook on the same host and then clicked to download (because such a referring page comes from the same host).

9. Use NTFS partition file permission settings (by Percyboy)
We already know that in ASP.NET, Access databases are accessed with ADO.NET through OLE DB connections; Access is one of the most common low-end databases. This article discusses some of the error messages that may appear in ASP.NET, from which you will see that database files created by Access 2000 and Access XP give different error messages when an access error occurs. Hopefully this helps. Another important point is that, hopefully, this article will give you a new understanding of NTFS permission settings for Access database files in ASP.NET.


(i) The experimental process


For convenience of description, a concrete example is used for the experiment: the application is /test and the database is stored at D:\wwwroot\test\data\db1.mdb. We already know that ASP.NET accesses the database as the ASPNET virtual user, so we need to give this account specific NTFS permissions for the ASP.NET program to function properly.



To find the most restrictive NTFS permission settings, we gave the program the lowest NTFS permissions at the start of the experiment:

a) The folder D:\wwwroot\test\data\ grants the user ASPNET the following permissions:
                        Allow  Deny
Full control            -      -
Modify                  -      -
Read & execute          √      -
List folder contents    √      -
Read                    √      -
Write                   -      -

b) The file D:\wwwroot\test\data\db1.mdb itself grants the user ASPNET:
√ Allow inheritable permissions from the parent to propagate to this object



1.1 For an ASPX program that contains only SELECT commands, the above permission settings present no obstacle: they already satisfy such a program.


1.2 For ASPX programs that contain UPDATE, INSERT and similar commands:

(a) If db1.mdb was created by Access 2000, the following error occurs:

Server Error in '/test' Application.
---------------------------------------
The Microsoft Jet database engine cannot open the file 'D:\wwwroot\test\data\'. It is already opened exclusively by another user, or you need permission to view its data.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.OleDb.OleDbException: The Microsoft Jet database engine cannot open the file 'D:\wwwroot\test\data\'. It is already opened exclusively by another user, or you need permission to view its data.


(b) If db1.mdb was created by Access XP, the following error occurs:

Server Error in '/test' Application.
----------------------------------------------
Operation must use an updateable query.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.OleDb.OleDbException: Operation must use an updateable query.


(c) Preliminary analysis: because UPDATE, INSERT and similar commands need to write to the database file itself, and the above permissions do not allow this, we need to relax the permissions further.

We relaxed the permissions slightly:
a) The folder D:\wwwroot\test\data\ is unchanged.

b) The file D:\wwwroot\test\data\db1.mdb itself grants the user ASPNET the following permissions:
                        Allow  Deny
Full control            -      -
Modify                  -      -
Read & execute          √      -
List folder contents    √      -
Read                    √      -
Write                   √      -



1.3 With the permissions relaxed, we continued the experiment:

(a) If db1.mdb was created by Access 2000, the following error occurs:

Server Error in '/test' Application.
------------------------------------------
Could not lock file.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.OleDb.OleDbException: Could not lock file.


(b) If db1.mdb was created by Access XP, no error occurs.


(c) Preliminary analysis: we find that when an Access database is opened, a *.ldb file with the same name is generated in the same directory as Access's lock marker. We therefore suspect that when the user ASPNET accesses an Access database it also needs to generate this lock marker, but is not allowed to write it, hence the error. Why the database created by Access XP does not show this error is unknown.

We relaxed the permissions further:
a) The folder D:\wwwroot\test\data\ grants the user ASPNET the following permissions:
                        Allow  Deny
Full control            -      -
Modify                  -      -
Read & execute          √      -
List folder contents    √      -
Read                    √      -
Write                   √      -

b) The file D:\wwwroot\test\data\db1.mdb itself grants the user ASPNET:
√ Allow inheritable permissions from the parent to propagate to this object



1.4 Continuing the experiment, we found that the error is resolved, so the above permissions are the "least privilege" we need to grant.

(a) If db1.mdb was created by Access 2000, we find a small problem: the generated *.ldb file is not deleted automatically and still exists after the visit. This problem does not affect the normal operation of ASP.NET.


(b) If db1.mdb was created by Access XP, this problem does not occur.


(c) Preliminary analysis: we only gave ASPNET the right to write to the folder, without Modify permission, so once a file has been written ASPNET cannot change it further, and the *.ldb cannot be deleted.


If you want to resolve this problem, relax the permissions further:
a) The folder D:\wwwroot\test\data\ grants the user ASPNET the following permissions:
                        Allow  Deny
Full control            -      -
Modify                  √      -
Read & execute          √      -
List folder contents    √      -
Read                    √      -
Write                   √      -

b) The file D:\wwwroot\test\data\db1.mdb itself grants the user ASPNET:
√ Allow inheritable permissions from the parent to propagate to this object



1.5 Alongside this, we tried another case: open db1.mdb for editing in Access while ASP.NET is accessing it.

(a) If db1.mdb was created by Access 2000, we find no problems.


(b) If db1.mdb was created by Access XP, the following error occurs:

Server Error in '/zhao' Application.
------------------------------------------------
Cannot use; file already in use.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.OleDb.OleDbException: Cannot use; file already in use.


(c) Preliminary analysis of the reasons: Access is a single-user, single-threaded database. When you open the database file for editing in Access, you actually open it as the current Windows user (such as Administrator), whereas ASP.NET by default uses the ASPNET virtual user (a member of the Users group), which has a lower level than Administrator and cannot "snatch" the file from Administrator, hence the conflict error. Since Access 2000 ignores this problem we need not discuss it; perhaps Access 2000 simply does not take so many factors into account.


1.6 One more case: set the db1.mdb attribute to read-only. Both Access 2000 and Access XP then produce the same error messages as in 1.2.


(ii) Conclusions of the experiment


(1) Let us first summarize where the NTFS permission settings for Access database files come from:

By default ASP.NET uses a virtual user called ASPNET to access and manipulate the database. You can see this user in Control Panel -> Administrative Tools -> Computer Management -> Local Users and Groups -> Users; by default:

Full name: ASP.NET Machine Account
Description: Account used for running the ASP.NET worker process (aspnet_wp.exe).
Member of: Users group.

Using a user that belongs to the Users group for file and database operations is much less risky than using a member of the Administrators group; this is a security consideration of ASP.NET.

Since this user needs to access and manipulate the database file itself, we must give it certain NTFS permissions to allow that access. Obviously, without NTFS permissions ASPNET cannot access or manipulate the database, and the errors seen in the experiment above appear.


(2) From the experiments above, we know that the following NTFS permission settings meet the general requirements:

a) The folder D:\wwwroot\test\data\ grants the user ASPNET the following permissions:
                        Allow  Deny
Full control            -      -
Modify                  -      -
Read & execute          √      -
List folder contents    √      -
Read                    √      -
Write                   √      -

b) The file D:\wwwroot\test\data\db1.mdb itself grants the user ASPNET:
√ Allow inheritable permissions from the parent to propagate to this object
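The least-privilege result of the experiment, applied with PowerShell instead of the Security tab, as an added example that is not part of the article. It assumes the article's paths and the local ASPNET account (on newer IIS versions substitute the application-pool identity), and also clears the read-only attribute that section 1.6 showed breaks writes.

```powershell
# Added example: apply the least-privilege NTFS permissions found in the experiment
# (folder: Read & execute, List folder contents, Read, Write; file: inherit from folder).
# Assumes the article's paths and the local ASPNET account.
$folder  = 'D:\wwwroot\test\data'
$dbFile  = Join-Path $folder 'db1.mdb'
$account = "$env:COMPUTERNAME\ASPNET"   # substitute the app-pool identity on newer IIS

# Exactly the four "Allow" ticks of the experiment: no Modify, no Full Control.
# ASPNET can create and write the .ldb lock file but cannot delete or replace
# the database (which is why the .ldb lingers, as section 1.4 observed).
[System.Security.AccessControl.FileSystemRights]$rights =
    'ReadAndExecute, ListDirectory, Read, Write'

$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $account, $rights,
    [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
    [System.Security.AccessControl.PropagationFlags]::None,
    [System.Security.AccessControl.AccessControlType]::Allow)

# Folder: remove any earlier ASPNET entries, then add the least-privilege rule.
$acl = Get-Acl -Path $folder
$acl.PurgeAccessRules([System.Security.Principal.NTAccount]$account)
$acl.AddAccessRule($rule)
Set-Acl -Path $folder -AclObject $acl

# File: keep "Allow inheritable permissions from the parent to propagate to this
# object" ticked, and clear the Read-only attribute (section 1.6).
$fileAcl = Get-Acl -Path $dbFile
$fileAcl.SetAccessRuleProtection($false, $true)   # $false = inherit from parent
Set-Acl -Path $dbFile -AclObject $fileAcl
Set-ItemProperty -Path $dbFile -Name IsReadOnly -Value $false

# Check: list what ASPNET ends up with on the folder and on the file.
foreach ($p in $folder, $dbFile) {
    (Get-Acl -Path $p).Access |
        Where-Object { $_.IdentityReference.Value -eq $account } |
        Select-Object @{ n = 'Path'; e = { $p } }, FileSystemRights, IsInherited, AccessControlType
}
```

The check output should show the same rights on both paths, with IsInherited True for db1.mdb.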


At the same time, we also note that db1.mdb being a "read-only" file also affects ASPNET's access to it.


(3) The above permissions can be set directly for the ASPNET user, for the Users group, or for the Everyone group. Because ASPNET belongs to the Users group, you can set its permissions through that group.


(4) NTFS permissions are set on the Security tab of the Properties dialog that appears when you right-click a file or folder. In general, you may consider giving the Administrators group Full Control, and do not casually tick entries in the Deny column. For NTFS permission-setting techniques, consult the advice of a network administrator or network security expert.

Note: NTFS permissions are not supported on FAT and FAT32 formatted partitions.


(5) In the Windows 2000 series and Windows Server 2003 series the Security tab is easily found by default, but in Windows XP Professional it is turned off by default. Go to Control Panel -> Folder Options -> View tab -> Advanced settings, untick "Use simple file sharing (Recommended)", click OK, and then follow the above method to see the Security tab.


===========
To sum up, methods 2, 3 and 4 used together are the most basic and most effective way to prevent the database from being downloaded. They apply not only to administrators with authority over the server but also to virtual-host users, and every site builder is recommended to use these three methods.

If you have authority over the server, adding method 9 greatly improves the security of your Access database.
