In order to make the server more secure, as well as extraction, backdoor and other programs running, the following settings for the server is very necessary, here are some guide settings, more people can play on their own.
The prerequisite is that everyone set the permissions on all the disks as shown in the following figure: C, D disk
1., Server system disk settings, to prevent some hackers will be installed in the program in C disk, other disk. According to the above settings, basically can not move things. Except for access to system permissions.
prevent files such as Dll,exe,vbs
W3wp.exe,svchost.exe,dllhost.exe
C:windows***.dll
Two * * Matching n subdirectories
C: Windows***.exe
If you think of more you can add, such as some vbs,vbe,hta and so on
Step two: It is very important to extract, to prevent some hackers into the system, the normal user to the specific system administrator level of authority, Impossible
rights to tamper with User a
HKLM
/sam/sam/domains/account/**
Tamper with user rights B
/sam/sam/doma ins/account/**
Third step: For some control of the Web site, do not allow the Web page to modify the settings of files such as js,asp,php
main station ASP
H: webrootjb51***.asp
img ASP
h:webrootb51***.asp
This included process is * to represent any program, FTP does not work, completely solve the problem, but this comparison for users with server control permissions, In general, W3wp.exe code is not allowed to be repaired online.
Step Fourth: A lot of the servers for Serv_u have this installed, which is also needed in addition to changing the default password.
prohibit serv-u R1
w3wp.exe
/software/cat soft/serv-u
prohibit serv-u claim F1W3
W3wp.exe
**/servu*.*