ASP. NET ASPXSpy Security Settings (ultimate and general defense)

Source: Internet
Author: User

Comments: The ultimate defense (javasshell, IIS Spy, Process, Services, UserInfo, SysInfo, and RegShell) may affect the normal operation of some websites. Please test the website without any problems before using this method. Ultimate defense (javasshell, IIS Spy, Process, Services, UserInfo, SysInfo, RegShell)
It may affect the normal operation of some websites. Please test the website to use this method without any problems.
Website ASP. NET version switched to 2.0.50727
C: \ WINDOWS \ Microsoft. NET \ Framework \ v2.0.50727 \ CONFIG \ web. config
<Location allowOverride = "true"> change to <location allowOverride = "false">
<Trust level = "Full" originUrl = ""/> change to <trust level = "High" originUrl = ""/>
C: \ WINDOWS \ Microsoft. NET \ Framework \ v2.0.50727 \ CONFIG \ web_hightrust.config
Delete <SecurityClass Name = "RegistryPermission" Description = "System. Security. Permissions. RegistryPermission, mscorlib, Version = 2.0.0.0, Culture = neutral, PublicKeyToken = b77a5c561934e089"/>
----------------------------------------------------------------------------
----------------------------------------------------------------------------
General Defense (Process and RegShell cannot be disabled in the following methods. We have learned that the off-star virtual host management system is not disabled)
1. Disable cross-site and Services (4 is also feasible)
Create a system user for each website, such as web_xxx, and only belong to the Guests and IIS_WPG groups.
Create a website folder xxx and add the web_xxx permission.
Create an application pool xxx, properties-ID-configuration, and enter the web_xxx account password.
Create a website xxx, properties-home directory-application pool, and select xxx. Property-home directory-Directory Security-edit, enter the web_xxx account password.
2. Disable shell.
Principle: The Folder does not grant the write permission to the running permission, or the running permission to the write permission.
The permission must be applied to all subdirectories.

Website folder configuration permission is generally the default system disk folder, web_xxx does not have the write permission, so you only need to modify some folders. In addition, you need to check and modify the folder created by yourself or the folder generated by software installation according to the "principle. Some executable folders C: \ InetpubC: \ RECYCLERC: \ wmpubC: \ phpC: \ Documents and Settings \ All Users \ Application Data \ C are as follows: \ Documents and Settings \ All Users \ Documents \ C: \ WINDOWS \ Temp \ C: \ WINDOWS \ IIS Temporary Compressed FilesC: \ WINDOWS \ system32 \ MicrosoftPassportC: \ WINDOWS \ Microsoft. NET \ Framework \ v1.1.4322 \ Temporary ASP. NET FilesC: \ WINDOWS \ Microsoft. NET \ Framework \ v2.0.50727 \ Temporary ASP. NET FilesC: \ WINDOWS \ system32 \ ine Tsrv \ ASP Compiled TemplatesC: \ Program Files \ Zend \ ZendOptimizer-3.3.0 at least cancel the operation permissions of the non-Administrators Group, as to let the write, free play. In addition, scan ScanRegFindWrite. aspx to check whether there are other writeable folders. If so, check whether these writeable folders have the execution permission. If so, remove the execution permission. 3. Disable IIS Spy
C: \ WINDOWS \ system32 \ activeds. tlb
Only "full control" is given to the Administrators group and SYSTEM group, and other user groups are deleted. Restart IIS to take effect.
4. Disable Services (1 is also feasible), UserInfo, and SysInfo.
C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe
Only "full control" is given to the Administrators group and SYSTEM group, and other user groups are deleted. Restart IIS to take effect.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.