As the ASP itself is a service provided by the server, especially recently by Dvbbs Upfile file, its high concealment and difficult to kill, the site's security poses a serious threat. Therefore, for the prevention and removal of ASP Trojan, for network management personnel put forward a higher technical requirements.
Several large programs were found to have uploaded vulnerabilities, small program is countless, let ASP Trojans occupy the mainstream, get a wide range of use, presumably if you are doing the server, it must be a headache more than it, especially the virtual host users have been tampered with the Web page, data deleted experience, In addition to this kind of behavior after the abhorrence, many customers suffer from no effective preventive measures. Since most of the Web site intrusion is done using ASP trojan, close-up of this article so that ordinary virtual host users can better understand and prevent ASP Trojan Horse. Only space and virtual host users to do a good job of preventive measures can effectively prevent ASP Trojan!
Let's start with a little bit of protection, okay? When it comes to guarding against our natural ASP Trojan principle, I also do not speak, online articles have some, simple ASP Trojan is actually written with ASP Web site procedures, and even some ASP Trojan is the ASP Web site management program to modify. For example, our common ASP Webmaster Assistant, and so on
It and other ASP programs do not have the essential difference, as long as it is able to run ASP space can run it, this nature makes ASP Trojan very difficult to be found. It differs from other ASP programs only in that the ASP Trojan is an ASP program that is uploaded to the target space on the intruder and helps the intruder to control the target space. Serious to get the permissions of the server administrator, to prohibit ASP Trojan running is tantamount to prohibit the operation of ASP, this is not feasible, this is why the ASP Trojan rampant reasons! Someone to ask, is there no way, no, there are ways:
First: From the source, the intruder is how to upload the ASP Trojan? General yo several methods, through SQL injection means, get administrator rights, through the function of backup database will ASP Trojan horse write server. Or into the background through the ASP program upload function loopholes, upload trojans and so on, of course, under normal circumstances, these can upload files of the ASP program are restricted, and most of the ASP files are limited upload. (such as: can upload pictures of the press release, picture management program, and can upload more types of documents, such as forum program, if we upload the ASP trojan, we will find that the program will be prompted, is not directly uploaded, but because of the existence of artificial ASP error and the ASP program itself loopholes, To the intruder to the opportunity to upload ASP Trojan.
Therefore, the key to guarding against ASP Trojan is how to ensure that the virtual host users of their own space in the ASP upload program security, if you are using someone else's program, as far as possible with a more well-known large point of the program, such vulnerabilities naturally less, and try to use the latest version, And often go to the official website to see the new version or the latest patches, there are those database default path Yes, the administrator password default Yes, must be changed to form a habit to ensure the security of the program.
So if you're a programmer, I also want to say that we should be in the Web site procedures should also try to write about the user name and password in the context of the best package in the server side, as little as possible in the ASP file, involving the database connection with the user name and password should be given the minimum authority; A validated ASP page that tracks the file name of the previous page, and only the session from the previous page can read the page. Prevent ASP Home page. inc File leakage problem; Prevent the UE and other editors from generating Some.asp.bak file leaks and so on, especially the upload function must pay special attention to
The above is just some of the requirements of customers, but the space business due to the inability to foresee the virtual host users will upload in their own site what kind of program, and whether there are loopholes in each program, and therefore can not prevent intruders to use the site of the client program itself to upload ASP Trojan horse behavior. The space trader can only prevent intruders from using the compromised site to invade other sites on the same server again. This is also more to prevent ASP Trojan, virtual host users will be strict on their own procedures!
To this end I summed up the ASP Trojan prevention of the Ten Principles for everyone's reference:
1, the user is recommended to upload and maintain the Web page through FTP, as far as possible without installing ASP upload program.
2, the ASP upload program calls must be authenticated, and only allow people who trust to use the upload program.
This includes a variety of news releases, mall and forum procedures, as long as the upload file can be uploaded to the ASP identity authentication!
3, the ASP Program Administrator username and password to have a certain complexity, not too simple, but also pay attention to regular replacement.
4, to the regular website download ASP program, download to its database name and storage path to modify, the database file name must also have a certain complexity. It is recommended that our clients use the database file name extension of. mdb because my company server has the. mdb file anti-download feature.
5, to try to keep the program is the latest version.
6, do not add on the Web Page Admin program landing page link.
7, in order to prevent the program has unknown vulnerabilities, can be maintained after the deletion of the Background Management Program landing page, the next time the maintenance of FTP upload can be.
8, to regularly back up the database and other important documents.
9, daily to more maintenance, and attention to space whether there are unknown sources of ASP files. Remember: One cent sweat, change a point safety!
10, once found to be invaded, unless they can identify all Trojan files, or to delete all files.
All ASP program username and password will be reset before uploading the file, and the program database name and store path as well as the path of the background management program should be modified.
Do the above precautions, your website can only say that is relatively safe, must not be negligent, because invasion and invasion is an eternal war!