Designing, deploying, and managing a scalable E-commerce site with Windows DNA (2)--from m$

Source: Internet
Author: User
Remember that records require a lot of information, which will allow us to use those resources for other services. Click OK. The next change is made directly in the registry. Any time you work in the registry, remember to follow the rule that people often discuss: make a backup of your registry and work from that backup.

Of course, we're going to break this rule in this demo. We open the registry, and our first settings are the TCP parameters. We don't want to run out of user ports, so we set that value very large. A large window size works better for high-speed networks, and TCP stops when the window is filled.

Next, we go into HKEY_LOCAL_MACHINE\SYSTEM. That's what we're going to do. Then CurrentControlSet, Services, and then the Tcpip key, which is further down the list. The parameters are kept in it. We want to add a new value called MaxUserPort.

Now, MaxUserPort is already there. If it is not, go ahead and add MaxUserPort. The string you want to enter is 0xffe, and you want to leave it as a REG_SZ. By entering it, you allow our system to have the resources it needs. This setting opens up the ports for very advanced users.

We also want to increase the TcpWindowSize value, which we have added. It, too, is a REG_SZ, with a value of 0x4470. This sets a larger window size for high-speed networks.

Finally, we want to set the maximum number of processor threads to a very small value. This changes the number of threads allowed for each IIS to MTS, and this reduces the amount of system resource contention. So we collapse the Tcpip key.

We expand the W3SVC key, then the ASP key, then Parameters below it. There is ProcessorThreadMax. Right now it is empty. I recommend setting it to 10, because 10 is a good setting to start with.

Now, remember that you have to monitor performance yourself on your particular computer. You want to lower the value while monitoring performance. If performance drops, go back to the previous value. If you feel it is too low, increase it.

What you've seen in this demo is the best example of optimizing your system and e-commerce site for usability and reliability by using the admin console or the Registry Editor.

We are now back on the slides. Another of the best things to do in this section is to keep the HTML output as small as possible. Remember, less than 2 KB. We want to keep image files very small. The average is about 20 KB. The smaller, the better. Reuse these image files as much as possible. Remember, you can take advantage of user caching. Keep file names and paths short to reduce the number of bytes.

Analyze your HTML output. Count each byte at a rate of 28k baud. Keep this in mind when you go down.

Some additional optimizations and suggestions: you may want to stop unwanted services on your IIS system or on other servers you may have. Remove unwanted URLs and Internet Information Server services. It's best to remove the sample sites if you don't need them.

Remove unwanted extension mappings. Make sure that IIS is set to start automatically so that when a crash occurs, it is restarted directly. This is a security issue that you should be aware of.

Get rid of your screen saver. Use white space. If you hit a limit, you can add some processors, and finally you can upgrade to SQL Server 7.0, which allows you to use Network Load Balancing, and consider separating your search and validation database options onto other servers. This allows you to expand and move forward, and you can grow and shrink as you need.

What have we learned? Well, we got a general, high-level overview of Windows DNA. We've seen the difference between two-tier and three-tier. We've seen how to optimize our site, and at the end we saw how to focus on the site.

What we're going to talk about now is that if you have a security problem, your site will have no value, because a secure site is a better site. This is very useful, and security is ultimately about whether you survive or not.

Next, we'll discuss creating a secure environment. Remember, the biggest problem, and the one most people forget, is physical security. Research and statistics show that the most common hackers are not external threats but disgruntled employees.

You want to be sure to physically protect your servers. Make sure they don't get shaken. Make sure they're in a locked dome. Make sure your network is secure and has a firewall or proxy system. Make sure your system is secure and that there is a lockout policy for the accounts.

Make sure you have a security policy in place. Make sure security is a continuous operation. Assign it to someone as a duty rather than just letting them have a look when they are free.

Let's take a look at the secure website architecture. This is a huge website architecture that we work on. The reason we show you this slide is that you can see the web users and the firewalls. Note that we have an external zone and a development server, as well as our ERP system, and please note the firewall between it and the DMZ (the demilitarized zone).

Note that we have SQL components, integration servers, and IIS servers in our DMZ. By separating our DMZ and tiered servers from our back-end servers, we protect the back-end servers from any attacks from the Internet, as well as the Internet from being attacked from within our network.

To protect certain areas, remember that you can use the authentication and startup directory design model. Make sure your server task is correct. Make sure the users' groups, file system, registry, and member information are correct. Make sure your format is set correctly, and your cookies finally come to the appraisal. Compile and decompile through the decom Config nts. Determine the task. CIP, CIPM, the new type of business negotiation server: all of these are areas you want to protect. The focus is, of course, on port attacks on IP ports such as network protocols, SQL servers and Odpcds terminals. Most people do not consider creating protection in the site server and creating a connection string with the CSC file.

Now we have a Windows NT tool in Windows 2000 that has a lot of security, but you have to go to specific places to make security settings on the target items.

In Windows 2000, we have this new security management tool, which we call the Security Configuration and Analysis tool. Security touches many different aspects of the system. You need better configuration and analysis tools, and the Security Configuration and Analysis tool lets us do this.

We can configure at the macro level. We can also analyze and report at the macro level. Before we get to the analysis and management tool, let's talk about some other tools and techniques.


In this part, we're going to discuss back doors, which are now a major problem. Denial of service. We're going to talk about cross-site scripting, which is a new issue, and we're going to discuss more tools and other issues.

When we discuss back doors, of course we talk about Back Orifice. Everyone has heard of Back Orifice. It is a back door: a program that allows hackers to access a system while bypassing security controls, literally entering through the back door of your system. The Back Orifice tool was introduced in August '98 by Cult of the Dead Cow.

This hacker tool has received a lot of attention in the media. You can see the URL for the Cult of the Dead Cow. What can Back Orifice do? Well, it can allow remote control over computers that run Windows 95, 98, and possibly Windows 2000.

If I can get you to install it, I have your computer. The attacker controls your screen and keyboard. It records keystrokes. It can lock or restart the computer. It can get detailed system information. It can collect keys. It can copy, rename, delete, view, and search for files and directories. Cult of the Dead Cow says that Back Orifice can actually have more control over the system than you do sitting at the keyboard.

In fact, it can do anything on this terminal, including controlling the registry. This is not an empty threat.

Denial of service. There has been a lot about denial of service in the latest news. There are countless forms of denial-of-service attack. In effect, a denial-of-service attack makes it impossible for legitimate users to use the system, keeping the system busy and causing the site to bog down.

There are also directed broadcast attacks, which are more often referred to as Smurf attacks. The most recent security issue, from the last two weeks, is exposure to cross-site scripting. Now, this is a new problem that threatens everyone, not just Microsoft.

There are some pages that only generate HTML that are affected. So keep in mind that if your web page embeds browser input into a dynamic page, in other words, the page is created on the fly and embeds input from the user, then your server may be manipulated into including content that allows malicious script to execute on your server and is slightly modified.

Remember that today's web pages contain not only HTML but also scripts, objects, and encodings, due to online processing. These scripts cannot now execute this server. Within HTML, particular characters are designated as special characters, so that the server and browser can distinguish the characters that the user sees from those with system functions.

It is now possible to insert these characters into the user's communication with the server and hide malicious script. Since scripts are fundamentally programs, this allows malicious code to run in your protected and trusted environment.

So, as for strategies against it, unfortunately, the web programmer has to manually analyze each page to look for potential vulnerabilities. This is the biggest trouble with the problem. Each page must be corrected manually, with no automatic tools to do it, because each page is unique.

You can keep the data in the way there is, using the OK page or Microsoft.com security. Examples of cross-site scripting can be simple. When a user logs in to a welcome screen on a secure website, there may be insulting statements. Search engines may return false or arbitrary results. It could be worse, because credit card numbers could be leaked to unauthorized URLs and data could be corrupted. There may also be other forms of attack. For example, Back Orifice may be downloaded to a secure server behind your firewall. So now there's a big problem.

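The passage above describes pages that embed user input into dynamically generated HTML, and the special characters that separate text from markup. The following JavaScript is an added example, not part of the original presentation: it shows such a page before and after encoding those characters at output, plus a small helper for the manual page review. The function names, page markup and sample input are all constructed for illustration.

```javascript
// Added illustration; all function names and sample values are hypothetical.
// Characters HTML treats as markup rather than text, with their entity forms.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value so the browser displays it as text instead of parsing it.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// BEFORE: user input is concatenated straight into the dynamic page.
function welcomePageUnsafe(userName) {
  return '<html><body><h1>Welcome, ' + userName + '</h1></body></html>';
}

// AFTER: the same page, with the input encoded at the point of output.
function welcomePageSafe(userName) {
  return '<html><body><h1>Welcome, ' + encodeHtml(userName) + '</h1></body></html>';
}

// Search page: the query is echoed both as text and inside an attribute value.
function searchPageSafe(query, hits) {
  const q = encodeHtml(query);
  const items = hits.map((h) => '<li>' + encodeHtml(h) + '</li>').join('');
  return '<form><input name="q" value="' + q + '"></form>' +
         '<p>Results for ' + q + '</p><ul>' + items + '</ul>';
}

// Review aid for the manual page-by-page check: list tags in rendered output
// that the page author did not put there, i.e. markup that came from input.
function unexpectedTags(html, allowedTags) {
  const tags = html.match(/<\/?[a-zA-Z][a-zA-Z0-9]*/g) || [];
  return tags.map((t) => t.replace(/[<\/]/g, '').toLowerCase())
             .filter((name) => !allowedTags.includes(name));
}

// Constructed sample input containing markup characters.
const SAMPLE_INPUT = '<script>/* injected */</script>"Bob" & co';
const WELCOME_TAGS = ['html', 'body', 'h1'];

console.log(unexpectedTags(welcomePageUnsafe(SAMPLE_INPUT), WELCOME_TAGS));
console.log(unexpectedTags(welcomePageSafe(SAMPLE_INPUT), WELCOME_TAGS));
console.log(searchPageSafe('a"b<c', ['x & y']));
```
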
Remember, as you move on, you have to consider all aspects of security. New hackers may appear at any time, so be familiar with all the situations. You have to evaluate your environment thoroughly. Leverage the Windows 2000 platform, including its tools.

Some attacks can be very sophisticated, but the tools are easier to use and obtain. Hackers use these tools to attack you, so you might want to use similar or identical tools to detect and prevent these attacks.

Let's go to Demo 3, which shows how to use the Security Configuration and Analysis tool to protect your site. Let's go back to the demo screen and show you the demo.

OK, we're going to talk about using the security manager to protect your website. Now, remember that in earlier versions of Windows, security management was quite arbitrary. You could do all of these things, loosely.

In Windows 2000, we have a one-time transaction, so it involves security. The problem is that many people do not know how to use the Security Configuration and Analysis tool, or how to install it and put a proper security system in place. This will help you deal with the threats we mentioned earlier.

Before we start using the security manager, let's take a look at how the admin console interface is added to our console. We go to the Start menu and choose Run. Then we type MMC, which stands for the Microsoft Management Console. And here we have the varied management console open.

We will now go to the Console menu. Select Add/Remove Snap-in. Now, you have to notice


