Serv-U FTP software attack defense


Before reading this article, note the following assumptions about the server:

1. No directory on the server gives the Everyone group full control.

2. Permissions on the web directory are set independently; the usual case is read and write, with no execute permission.

3. IPSec policies already define the relevant outbound port access.

The attack uses Serv-U's local default management port: log in as the default administrator, create a new domain and user, and execute commands. The default local management port of Serv-U v3.x and later is 127.0.0.1:43958, so only the local machine can connect. The default administrator is LocalAdministrator with the default password #l@$ak#.lk;0@P; this account is built into Serv-U, and a connection made with only Guest permission can use it to manage Serv-U.

Prevention measures and countermeasures:

For Serv-U versions below v6, ServUDaemon.exe and ServUAdmin.exe can be edited directly with UltraEdit to change the default password to other characters of the same length. Open ServUAdmin.exe in UltraEdit, find the last occurrence of B6AB (the bytes of 43958 in hexadecimal, stored little-endian) and replace it with a custom port such as 3930 (12345). However, because those older versions have a remote buffer overflow vulnerability, running them is not recommended.

Adding LocalSetupPortNo=12345 to ServUDaemon.ini changes the default management port; then use IPSec to block all IP access to port 12345. If the default port is not changed, add a block for port 43958 instead.

Using the "Change password" button adds an MD5 password entry such as LocalSetupPassword=ah6A0ED50ADD0A516DA36992DB43F3AA39 to ServUDaemon.ini. If the default management password is not changed, the original #l@$ak#.lk;0@P remains valid (it is used only while the saved password is empty), so combine the password change with the management port restriction LocalSetupPortNo=12345.
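As an added example (not code from the original article), a small Python audit that checks the two ServUDaemon.ini settings discussed above and computes the little-endian port bytes the UltraEdit patch searches for; the [GLOBAL] section name in the constructed sample configs is an assumption, and the audit looks up the keys in every section so it does not depend on it.

```python
import configparser
import struct

DEFAULT_ADMIN_PORT = 43958              # Serv-U local management port, 127.0.0.1:43958


def port_bytes(port: int) -> bytes:
    """Little-endian 16-bit encoding of a port as stored in the Serv-U binaries.
    43958 -> b'\\xb6\\xab' (the 'B6AB' the article says to search for),
    12345 -> b'\\x39\\x30' (the '3930' replacement)."""
    return struct.pack("<H", port)


def last_offset_of_port(blob: bytes, port: int = DEFAULT_ADMIN_PORT) -> int:
    """Offset of the last occurrence of the port's byte pattern in a binary image,
    or -1 if it is absent (a -1 for 43958 suggests the file was already patched)."""
    return blob.rfind(port_bytes(port))


def audit_servu_ini(ini_text: str) -> list:
    """Return a list of hardening findings for the text of a ServUDaemon.ini."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str                # keep Serv-U key names case-sensitive
    cp.read_string(ini_text)
    values = {}
    for section in cp.sections():       # section name is not assumed
        values.update(cp.items(section))
    findings = []
    port = values.get("LocalSetupPortNo", "").strip()
    if not port.isdigit() or int(port) == DEFAULT_ADMIN_PORT:
        findings.append("management port is the default 43958: set LocalSetupPortNo "
                        "and block the port with IPSec")
    if not values.get("LocalSetupPassword", "").strip():
        findings.append("LocalSetupPassword is empty: the built-in default password "
                        "still works; use 'Change password'")
    return findings


# Constructed sample configs, not taken from a real installation.
UNHARDENED_INI = "[GLOBAL]\nLocalSetupPortNo=43958\n"
HARDENED_INI = ("[GLOBAL]\nLocalSetupPortNo=12345\n"
                "LocalSetupPassword=ah6A0ED50ADD0A516DA36992DB43F3AA39\n")

if __name__ == "__main__":
    for name, text in (("unhardened", UNHARDENED_INI), ("hardened", HARDENED_INI)):
        print(name, audit_servu_ini(text) or ["OK"])
    print("default port bytes:", port_bytes(DEFAULT_ADMIN_PORT).hex().upper())
```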

Directory permissions also need to be set, of course. Removing the execute permission of the IIS anonymous user on the web directory prevents a webshell from running the exploit program, but this method has its limits: many directories must be configured and not one may be missed, because a single misconfigured directory lets the exploit be uploaded there and run. Because permissions on the web directory are independent, generally read and write without execute, uploading other files for execution is unlikely. Next, modify the permissions of the Serv-U installation directory, for example C:\Program Files\Serv-U (for security, do not use the default directory): give the Administrators group full control and deny the Guests group access to the Serv-U directory. This prevents a user from using a webshell to download ServUDaemon.exe, opening and analysing it with UltraEdit for the Serv-U account password, and then modifying, compiling and uploading an exploit, which would otherwise undo the previous work. With the default management port changed both in the program file and in ServUDaemon.ini, the default administrator can no longer connect.

Finally, because Serv-U is started as a service, it runs with System privileges by default, which is what makes privilege escalation possible. Change the account the Serv-U service runs under to a member of the Users group and there is no longer any privilege to escalate to. Note that this low-privileged user must have full control over the Serv-U installation directory and over the directory or drive that provides the FTP service. It has been observed that Serv-U started under an ordinary-group user cannot add or delete users; everything else works normally.

Copyright © Windows knowledge All Rights Reserved