Prevents aspxspy, Trojan, iis, and other operations by executing commands

For security considerations, set server security. Upload the aspxspy test environment: windows2003 + iis6 +. net2.0 is in security consideration. Set the server security. Upload aspxspy for testing. ASPXSPY Probe 1. disable aspxspy Trojan to execute command elevation and read the registry test method 1: Open C: \ WINDOWS \ Microsoft first. NET \ Framework \ v2.0.50727 \ config \ web. find <trust level = "Full" originUrl = ""/> www.2cto.com <trust level = "High" originUrl = ""/> and Open C: \ WINDOWS \ Microsoft. NET \ Framework \ v2.0.50727 \ config \ web_hightrust.config contains the following sentence: <SecurityClass Name = "RegistryPermission" Description = "System. security. permissions. registryPermission, mscorlib, Version = 2.0.0.0, Culture = neutral, PublicKeyToken = b77a5c561934e089 "/> Delete this sentence to prevent reading the registry from being tested. After performing the preceding operations, the oledb permission on the website is lost, the access database cannot be accessed. Test Method 2: (do not use) % SystemRoot %/ServicePackFiles/i386/activeds. dll % SystemRoot %/system32/activeds. dll % SystemRoot %/system32/activeds. tlb searches for these two files, removes the USER group and POWERS group, and only keeps the permissions of administrators and system. After the test, ports such as 1433, 80, and cannot be remotely connected. I contacted the IDC staff to solve the problem. method 3 (not tested): Disable adsiis in the C: \ WINDOWS \ system32 \ inetsrv directory. dll user permission can prohibit IIS traversal, but listing server details and all processes cannot be solved! It is said that side effects are caused: conflicts with, resulting in remote connection to the server (this problem is not tested, I personally think it is the reason why mssql is not set) Method 4: <system. web> <identity impersonate = "true"/> </system. web> copy the above Code to C: \ WINDOWS \ Microsoft. NET \ Framework \ v2.0.50727 \ CONFIG \ web. config this method has been tested to effectively prevent [execution command] from listing [system information] [user information] [Service]