【正文】 on of labor results. serverside security technology (1) Directory file protection 1) NTFS permissions. NTFS file system provides more security than the Fat32 file management, file access control through a table (ACL) defines the user access to files and directorylevel permissions, if the user has permissions to open the file, the puter allows the user to access files . Directories and files by setting access rights, the prohibition has nothing to do users of the directory file copy, modify, delete, etc. operations, restrict the invasion of the system. 2) Virtual directory and its property. Virtual directory hide the directory structure on the site of important information, in the Asp environment, a safer approach is to Asp separate scripts and HTML files stored in different directory, will be stored as HTML files readonly attribute will be stored Asp script directory attribute is set to implement. 3) To prevent the document view Asp. IIS or own document, you can view the source code of Asp procedures in order to steal information. Web server can delete or disable access to the documents stored in the files. (2) Restrict access to technology 1) IP address restrictions. IIS will authorize or reject a specific IP address of their visit, by refusing a visit to a specific IP address in order to exclude interference invasion. The setting: A start ISM (Inter Service Manager)。 summar y authentication, only domain controller in the domain has been supported by the work to send its value after a mixed (that is, to use hashing the message digest calculation) rather than password authentication. Integrated Windows authentication, the use of Secure Sockets Layer (SSL) automatically encrypted user name and password. 3) firewall technology. The purpose of the firewall for internal work or host to provide security, prevent unauthorized access to information resources, mandatory for all connections to go through this protective layer. Including the packet filtering firewall and proxy two, packet filtering is a specific IP address for the services provided by the host, and its basic principle is that in the IP work layer and IP packet intercepted exchanges of information, to determine whether to forward this IP packet. Acting on the basic principles of Web services to construct a single agent, does not allow clients directly interact with the server, it is necessary to be both agent interaction information. In the actual build, it is usually provided by the filter the firstclass security protection, and then from the proxy server to provide more advanced security mechanisms. (3) Auditing and monitoring technology. Responsible for safety audits of all kinds of surveillance systems and securityrelated incidents, generating security logs, and provide strategy, designated to review the types of security incidents. Specific settings: in the Administrative Tools Local Security Policy Local Policies Audit Policy to open the necessary audit. In addition to the security log, system log and application log monitoring tools are also very good, and they record the user from the registry until the whole process for work security and provide a reliable basis for analysis. (4) SSL security mechanism. SSL (Secure Socket Layer) is a run on Http and TCP layer between layers of security protocols to ensure that the transmission of information security. SSL is in the public key and private key on the basis of, any user can access the public key to encrypt data, but data must be decrypted by the corresponding private key. Currently, SSL has been on the Inter as a Web browser and server standard security measures. SSL technology has been established as a result of all the major browsers and Web server process, therefore, only the installation of a digital certificate or server certificate on the server functionality can be activated. After the establishment of SSL security mechanism, and only allow SSL clients and SSL in order to allow the Web site to municate, use the browser to connect to Https: / / address, rather than the URL of