Strictly according to the external security package video settings to ensure that the server security, in China has thousands of servers in the security package of the structure of the stable operation for many years, if your server is still invaded, check the following content:
1. There is no SQL 2000,mysql run under the normal user rights, this is the most important point, most of the intrusion is the use of the permissions of the database. The specific setting depends on the video of the Extraterrestrial security pack.
2. Use the security pack to close all unused ports, the specific settings to see the video of the extraterrestrial security package.
3. The root directory of all disks cannot have everyone,users read and run permissions.
5. Do not install or use cgi,cgi There are inherent security risks.
6. Do not install any third party software. For example, xx optimization software, xx plug-ins and so on, not to register unknown components on the server.
7. Do not use IE to access any Web site on the server.
8.Mysql to use more than 4.1 version, 4.0 version has a security problem.
9. Do not install pcanywhere or radmin because of their own security problems, you can directly with the Windows 2003 from the 3389, it is more secure than any remote control software.
10. Do not double-click on the server to run any program, or you did not know the Trojan horse.
11. Do not use IE on the server to open the user's hard disk on the Web page, this is a dangerous behavior.
12. Do not browse pictures on the server, Windows has previously been out of GDI + security vulnerabilities.
13. Ensure that your own computer is safe, if your own computer is not secure, the server is not safe.
14. If you use IMAIL, you must use more than 8.2 versions, 8.1 have security vulnerabilities.
15. The Cmd.exe,at.exe,cacls.exe,ftp.exe of the Sytem32 catalogue can only have Adms,system's full authority. (The 0.5 version of the security pack has automatically processed their permissions.)
16. Note the use of the external security package after 2007-2-14, and click [Set TEMP directory permissions], the use of 2007-2-1 after the controlled end, in order to prevent the potential damage asp.net trojan.
17. Any asp,php,asp.net program on the server must not connect the program with the sql2000 sa user or the root user in MySQL, which can cause an intrusion server.
18. After the default installation of Zend, its installation directory, such as "C:\Program files\zend\zendoptimizer-3.2.6\lib\optimizer-3.2.6" with everyone's permissions, this is not safe, You need to change everyone's permissions to read-only and run.
A careful network management, is the last guarantee of server security, according to the above settings, even if your users upload a trojan in their own website, also absolutely affect the server.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
