Home > Cloud Computing > Cloud Security

Aspxspy is a simple method to prevent all physical paths of. NET Trojan horses from being deployed.

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Aspxspy this Trojan is. NET Program Production, if your server supports. NET, you must note that the function of entering the trojan is IIS Spy. After you click it, you can see the physical path of all sites. A lot of people have mentioned this before, but no one has answered the question ..
Defense method:

"% SystemRoot %/ServicePackFiles/i386/activeds. dll" % SystemRoot %/system32/activeds. dll "% SystemRoot %/system32/activeds. tlb


Search for these two files, remove the USER group and POWERS group, and retain only the permissions of administrators and system .. Remove all other groups .. This prevents this trojan from listing the physical paths of all sites...
Security Defense: prevents trojans from using the iis spy Function
C: \ WINDOWS \ system32 \ activeds. tlb find this file and cancel the users permission.
Reclaim the process and test it with a Trojan Horse. Can it be read? Error prompted when loading Type Library/DLL
The ASP program can hit an upload image at most. However, if the Upload File gives the iisexecutable privilege, the upload .jpg image can also execute an ASP Trojan. Haha
The upload format is www.bkjia.com .asp;_200.jpg;he is uploaded in .jpg format, but there is. asp in the middle. This can also execute scripts, which should also be a BUG in IIS.
Solution:
1. The directory that can be uploaded does not allow IIS to execute scripts.
2. Use other software with file protection to prevent *. asp; *. jpg from writing files.
3. All directories can be read. If the written folder is in IIS, change the script to none. If you don't have any friends on the server, you won't be able to get a Trojan, unless you can coordinate the Space Provider to help you with these operations.
 

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More