1) Remove the Trojan page
Delete the existing Web page in the Trojan, the main there is such a similar code:
These features appear above the code, if containing a URL does not own the site, it is basically a Trojan in the. We are the more common Trojans is
Trojan has been cleared, google, or be shielded on the. At this time wanted a way to get google to re-crawl the site reptiles, updated search results. In this way, the site shielding can be lifted. A means to stimulate the google update The following are some:
1) continuously updated web site home page articles;
2) To re-submit your site to google maps;
3) for the site to find a number of high-quality outer chain;
4) Application for review. When the site has the virus, in the google webmaster tools within the "diagnosis" page there will be a prompt, that site contains malicious code, and then will prompt you can "apply for audit" fill in relevant information to submit.
Some of the above methods can stimulate the google crawler can be "quick to the scene," quickly update the site's search results.
I order for more than a good idea after 9.14 that day to the site's administrator in accordance with the relevant details of the requirement to deal with the matter. Until 9.21, google lifted the shield of the site. The background into the google found that, google came at 9.14 that day to re-crawl a web page. Web pages may be updated to catch up. From the beginning of the disarmament work of 9.14 to 9.21 was removed from operation, just experienced one weeks.
As the ASP is the server itself provides a tribute service function, especially in the recent paper by the dvbbs of upfile loophole since its high degree of concealment and difficult to killing nature of the site's security posed a serious threat. Therefore, for ASP Trojan horse prevention and removal, to network managers set a higher technical requirements.
Several large programs have all been found to upload vulnerability exists, the small program is even more numerous, so what accounts for asp Trojan mainstream, widely used, presumably if you are doing server, it must be more than a headache for this bar, in particular, is the virtual host users have encountered web pages have been tampered with, the data is deleted the experience, and afterwards in addition to such acts of hate, many customers also by a lack of effective preventive measures. As the majority of sites are using asp Trojan invasion completed, close-up in this article so that the average virtual host users can better understand and prevent asp Trojan. Only space providers and virtual host user common preventive measures can effectively prevent asp Trojan!
We first look at how kind of prevention is good when it comes to guarding against natural for us to the principle of the asp Trojan, and major principle I do not talk about, and plenty of online articles, a simple Trojan horse that is using asp web site asp write programs and even some from the asp web site asp Trojan horse is a change management process came. For instance, we often asp on the owners assistant, and so on
Asp program does not have it and other essential difference, as long as the space will be able to be able to run asp to run it, and this nature makes the asp Trojan is very difficult to be found. It and other asp program asp Trojan was only difference is that an intruder uploaded to the target space, and to help control target space invaders asp program. Seriously in order to gain the server administrator privileges, in order to prohibit asp Trojan running would be tantamount to prohibit the operation of asp, apparently it does not work, which is the reason why the asp Trojan rampant! Someone to ask, is not no other way it, no, there are ways to:
First: start from the source, how do intruders Trojan asp upload it? General yo are several ways, through the sql injection means to obtain administrator privileges, by backing up the database server functions will write asp Trojan. Or go back through the process of uploading asp loophole, upload Trojan horses, etc., of course, under normal circumstances, they can upload files asp programs are restricted access, most also limited the asp file upload. (For example: You can upload pictures of the press releases, a photo management program, and more types of files can be uploaded the forum program, etc.), if we direct upload asp Trojan, we will find that the program will hint that it is not directly upload, but because of human error and asp program asp to set their own vulnerability, giving intruders an opportunity to achieve upload asp Trojan.
Therefore, the focus of prevention asp Trojan is that the virtual host user how to ensure that space, asp upload their own safety programs, if you are using someone else's program, then try to use a little known procedure for large-scale 1:00, so naturally a little less vulnerability , and make full use of the latest version, and to always go to the official website Check out the new version, or is the latest patch, there are those that the database default path ah, the administrator password by default ah, must be changed, the formation of habits assurance procedures for safety.
So if you are a programmer, I would like to say that the procedure is that we should also be on the site as far as possible from a security point of view concerning the preparation of procedures for the user name and password is best encapsulated in the server side, as little as possible in the ASP file appears related to the database to connect to a user name and password should be given the minimum permissions; need a proven ASP pages, can be tracked on a page file name, only the side switch to come in from the previous session to read this page. To prevent the ASP home page. Inc files leak problems; to prevent the UE generates some.asp.bak file editor, such as leakage problems, and so in particular the upload feature must pay special attention to
The above are only some of the requirements of the customer, but the space can not be foreseen by the virtual host users to upload their own site, what kind of procedures, as well as the existence of loopholes in each program, it can not prevent an intruder in the client application itself, using a site vulnerability upload asp Trojan behavior. Space will only be able to prevent intruders to use the site has been re-invasion of the invasion on the same server behavior of other sites. This also reinforces the need to prevent asp Trojan, the virtual host the user must program their own strict control! For which I summed up the ten principles ASP Trojan guard for your reference:
1, it is recommended users to ftp to upload, maintain web pages, try not to install the asp upload process.
2 pairs of asp upload process called authentication must be carried out, and only allow trusted people to use uploader.
This includes a variety of press releases, Mall and the Forum program, as long as you can upload files asp authentication should be carried!
3, asp program administrator's user name and password to have a certain complexity, can not be too simple, but also at regular replacement.
4, to the regular website asp program, download and store the database name you want to modify the path, the database file name should have a certain complexity.
5, we should try to maintain the program is the latest version.
6, do not add the word on the page background management program landing pages.
7, in order to prevent the program has known vulnerabilities that can be deleted after the background in the maintenance management program landing page again when the next maintenance can be uploaded via ftp.
8, one should always back up the database and other important documents.
9, should be more routine maintenance, and pay attention to whether there is space in the asp file of unknown origin. Remember: a sub-sweat, for a sub-safe!
10, once the invasion is found, unless he can identify all the Trojan files, or you want to delete all the files.
To re-upload files, all asp program user name and password must be reset, and to re-modify the program name and store the database path and the path of the background management procedures.
Do the above precautions, your site can only be said to be relatively safe, and must not be negligent, because the invasion and counter-invasion is a perpetual war!
No comments:
Post a Comment