Author: Yun Shu from: http: //www.ph4nt0m.org/ article about the invasion of the script, is the proliferation of the Internet has the potential. Although there is more original, plagiarism is also a lot. Many people use http://whois.webhosting.info to query all domain names of an IP, then find a script vulnerability to enter the server. I don't know if I have not announced, so please don't use it. Ok, I don't have much to say nonsense. I said that I thought that the permission setting method of comparing the safe WIN2000 virtual host is merely the rights setup. I. The software and environment required for the virtual host 1.Serv-U5.0.11 (seems unsafe, but no necessary) 2. Mysql Database 3. MSSQL Database 4.pcanywhere Remote Control 5. Anti-Virus software, I usually use Norton 8.06.php57 .ActivePerl5.8 or more software, in addition to the MSSQL database, other things should be downloaded to the official website to download the recommended version installation. The following start is installation setting, starting from the system installation. Suppose the Windows2000 advanced server version installed, the system is divided into C drive, D disk, and E disk, all of which are NTFS format. II. System port Sets the virtual host, which generally uses the PCANywhere and terminal services to control, and the terminal service is to change the port, such as modifying to 8735 port. Set TCP / IP filtering according to the service to be open. Why don't you use a local security strategy? Personally, TCP / IP screens are strict because this is not explicitly rejected unless otherwise refuses, and the local security policy is allowed unless it is clearly refused. If I understand improper, please advise. The TCP / IP screening is set as follows: TCP port only allows 21, 80, 5631, 8735, 110001, 10002, 10003, 110004, 10005; IP protocol only allows 6; UDP port I have not done a detailed test, I don't dare to say, later Tested again. The 10001-10005 inside the TCP / IP port is the port that sets the PASV mode used in Serv-U, of course, other can be used. Inside the local connection attribute, uninstall all other protocols, leaving only the Internet protocol (TCP / IP), by the way, the Administrator account will be changed to the name of the complex point, and the settings in the local security policy are not displayed for the last login account, lock the account Make a suitable setting. Then restart your computer, which is completed. III. System Permissions Settings Now install software, all software is installed on D disk, e disk as data backup. Install Serv-U to D: / Serv-U first, and Han is cracking, hehe. Then install it to the D disk. Start setting permissions now. First of all, don't say, the C drive, the D disk and the E disk are safely deleted, add the renamed Administrator and System to make them completely control. Advanced reset permissions of all child objects and allows propagation to inherit permissions. Such a system all the files, the directory is all controlled by the renamed Administrator and System, and automatically inherit the permissions of the superior directory, and below will set the corresponding permissions for each directory. Run the ASP and create a database connection requires the file below the C: / Program Files / Common Files directory. Here, set C: / Program Files / Common Files permissions, add EVERYONE, permission to read, list folder directory, read, and run.
