Key Points of server security check

Strictly Following the video settings of the off-Star security package ensures server security. Thousands of servers in China have been running stably for many years using the security package structure. If your server is still infiltrated, check the following content:

1. Have you run SQL 2000 and MySQL with the permissions of common users? This is the most important thing. Most of the intrusions are performed using the database permissions. The specific settings should refer to the video of the off-Star security package.

2. Use the security package to close all unused ports. The specific settings should be shown in the video of the off-Star security package.

3. the root directory of all disks cannot have the read and run permissions of everyone and users.

4. Enhanced PHP security: http://7i24.com/support/freehost/php/107301209072.htm

5. Do not install or use CGI. cgi has inherent security risks.

6. Do not install any third-party software. For example, XX optimization software and XX plug-in, do not register unknown components on the server.

7. Do not use IE on the server to access any website.

8. MySQL 4.1 and later versions are used. There are security problems in MySQL 4.0.

9. Do not install pcAnywhere or Radmin because they have security problems. You can directly use Windows 2003 3389, Which is safer than any remote control software.

10. Do not double-click on the server to run anyProgramOtherwise, you will not be aware of the Trojan.

11. It is dangerous not to use IE on the server to open webpages on users' hard disks.

12. Do not browse images on the server. In the past, Windows experienced a GDI + Security Vulnerability.

13. Make sure that your computer is safe. If your computer is not safe, the server cannot be safe.

14. If you use IMail, you must use version 8.2 or later. Version 8.1 has serious security vulnerabilities.

15.check. exe,at.exe,cacls.exeand ftp.exe of the sytem32directory only have the permissions of ADMs and System. (security packages of version 0.5 have the permissions to automatically process them .)

16. Be sure to use the out-of-Star security package after-2-14, and click [set temp directory permission] to use the controlled terminal after-2-1 to prevent potential damage to the Asp.net Trojan.

17. Any ASP, PHP, and Asp.net programs on the server cannot be connected to the program by using the SA user of SQL2000 or the root user in MySQL. This will cause intrusion into the server.

18. after Zend is installed by default, its installation directory, such as "C: \ Program Files \ Zend \ ZendOptimizer-3.2.6 \ Lib \ Optimizer-3.2.6" has all the permissions of everyone, which is not safe, you need to change the everyone permission to read-only and run.

An always-careful network management is the final guarantee of server security. After setting the above rules, even if your users upload trojans on their own websites, it will never affect the server.