Win2K under the configuration Asp+cgi+php+mysql full Raiders
Support Asp+cgi+php+mysql
Install Win2K, install IIS
Indexing Service,
FrontPage Server Extensions,
Internet Service Manager (HTML)
These few do not wear, there are some other, in short, do not wear.
(According to the security principle, the least service + minimum permissions = maximum security.) )
First, open Internet Manager (start--> program--> Management-->internet Service Management)
If it's installed, it has a default site and an SMTP service entry
Select the default site and delete all of the directories below it. (Press the DELETE key on your keyboard)
The easiest way to stop IIS is to start--> run--> into net stop IISAdmin select y return (the command started is: net start w3svc)
Delete the Inetpub directory of C-disk (after stopping IIS for deletion), and create a new directory on the other disk.
In IIS Manager, point to the default site's home directory to the directory you just created
If you need a directory of what permissions you can build yourself slowly, what permissions you need to open.
(Special attention to write permissions and execute the program's permissions, no absolute need not to give, the default is not given, so you do not have to study, hehe ...)
Application configuration: Remove any unwanted mappings that must be in IIS Manager.
Leave the ASP, ASA and other file types you really need to use (except cgi,php, other I think you are useless, delete htw, HTR, IDQ, Ida ...)
Do not know where to delete it?? Methods: Open Internet Services Administration-> Select site-> Properties->www Service-> Edit-> home directory-> Configure-> application mappings.
And then you start deleting them (not all of them, real trouble).
Then change the script error message to send text within the application debug bookmark of the window just now
(Unless you want the ASP to make a mistake when the user knows your program/network/database structure) error text write what?
Whatever you like, you can do it yourself. When you click OK to exit, do not forget to let the virtual directory inherit the attributes you set.
To counter the growing number of CGI scanners, there is a little trick to refer to
In IIS, the HTTP404 Object not found error page is redirected to a custom HTM file through a URL,
Can make most of the current CGI bug scanners fail. In fact, the reason is very simple,
Most CGI scanners are written for convenience by looking at the HTTP code that returns the page to determine if the vulnerability exists,
For example, the well-known IDQ vulnerability is generally by 1.IDQ to check, if returned to HTTP200, it is considered to have this loophole,
Conversely, if you return to HTTP404, you do not think that if you redirect the HTTP404 error message to the http404.htm file through the URL,
Then all the scans, whether they exist or not, will return the http200,90% CGI scanners would think you have any vulnerabilities,
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
