Let IIS support the detailed setting method of Flv

The majority of domestic Win2003 hosts, FLV format file upload server can not play, the default is not specified output FLV format, although FTP can be seen inside, but can not be accessed through http, it can not play. The reason is that WIN2003 enhances MIME authentication for IIS6, and all unregistered extended file formats display 404 errors. Manually add the MIME mapping relationship to the HTTP header->MIME in the IIS site attribute. The MIME type: video/x-flv extension: .flv can be played through the Flash7+ client Load.
"Virtual host does not support Flv format file" problem: For example, your Flv file name is 1.flv, build a directory named "1.flv" on the virtual host, put your Flv in this directory Format the file, rename it to: index.htm, and that's it, the file name and address in the player remain intact.

Let IIS support Flv's detailed setting method:
IIS-->Website--->Properties--->HTTP Performance--->MIME Type--->New :
Extension: flv
MIME type: flv-application/octet-stream

You must set the content

1: Active Server Pages in "Web Service Extension" , Internet Data Connector, RPC Proxy Service Extension, and include files on the server side must be set to allow status

2: "Website" - "Properties -" Home Directory -> Configuration - "Options -" Start Parent path

3: "Website" - "Properties - "Services -" in the isolation mode, select "Run WWW service in IIS5.0 isolation mode"

4: Start -> Program - "Administrative Tools -" Service. Find the RPC service, double-click - "Login -" to allow the service to interact with the desktop

This can run asp Server.CreateObject("WScript.Shell") under Windows2003

I originally wanted to use asp.net to do this program, and this problem has always existed in asp.netzh. So the use of asp
in asp can achieve the function. I have not done it under asp.net, if you are interested, you can try it!

2: Solution:

1 Delete or rename the following dangerous ASP components: //This article is from www.45it.com
Wscript.Shell, Wscript.Shell. 1. Wscript.Network, Wscript.Network.1, adodb.stream, Shell.application
Start------->Run--------->Regedit, open the registry editor , press Ctrl+F to find, enter the above Wscript.Shell and other component names and the corresponding ClassID, then delete or change the name (I suggest you rename it here, if some webpage ASP programs use the above components, just When we write the ASP code, we can use the changed component name. Of course, if you are sure that the above components are not used in your ASP program, you can still delete some ^_^, as usual. Generally speaking, these components will not be implemented. After deleting or changing the name, iisreset can be activated after restarting IIS.)
[Note: Since Adodb.Stream this component will be used in many web pages, so if If your server is a virtual host, it is recommended to handle it. ]

2 About the File System Object (classid: 0D43FE01-F093-11CF-8940-00A0C9054228) is often said to be a FSO security issue, if your server must use FSO, (partial virtual host server) Generally need to open FSO function) can refer to my own article on FSO security solutions: Microsoft Windows 2000 Server FSO security solutions. If you are sure you don't want to use it, you can directly register this component.

3 Direct anti-registration, uninstall these dangerous components: (actually do not want to use 1 and 2 such cumbersome methods)

Uninstall wscript.shell object, under cmd or directly Run: regsvr32 /u %windir%\\system32\\WSHom.Ocx

Uninstall the FSO object, run it under cmd or directly: regsvr32.exe /u %windir%\\system32\\scrrun.dll

Uninstall the stream object, run it under cmd or directly: regsvr32 /s /u "C:\\Program Files\\Common Files\\System\\ado\\msado15.dll"

If you want to recover, just remove /U You can re-register the above related ASP components such as: regsvr32.exe %windir%\\system32\\scrrun.dll

4 About Webshell use set domainObject = GetObject("WinNT://.") to get the server The process, service, and user information protection, you can stop and disable the Workstation [provide network link and communication], that is, the Lanmanworkstation service. After this processing, the Webshell display process will be blank.

3 After processing the dangerous components of ASP according to the methods of the first and second methods, the test was carried out with the asp probe of Ajiang. The "server CPU details" and the "server operating system" could not be found at all. Blank. Using the Ocean Test Wsript.Shell to run the cmd command also prompts Active to be unable to create an object. Everyone can no longer be bothered by the ASP Trojan that compromises the security of the server system.

Of course, server security is far from these. Here is just some of my experiences in dealing with ASP Trojans and Webshells. In the next article, I will introduce you how to prevent others from executing commands such as net user on the server, anti-overflow attacks to get cmdshell, and the most to perform adding users, changing NTFS settings to terminal login, etc. Simple and effective prevention method.