URLScan ????? ?? ???????? ???? ????

???? ?????? ???? ??????
???? ID: 326444 - ?? ???????? ?? ?????? ??? ?? ?? ???? ???? ???? ??.
?? ?????? ??????? ???? ??? ?? ??? ???????????? ?? ??? Microsoft ??????? ?????????? ???????? (IIS) ??????? 7.0 ???????? ?? Microsoft Windows Server 2008 ??? ??? ??? IIS 7.0 ???????????? ??? ?????? ??????? ?????? ??? IIS ???????-?????? ?????? ?? ???? ??? ???? ??????? ?? ??? ????? Microsoft ??? ???? ?? ????:
HTTP://www.Microsoft.com/technet/Security/prodtech/IIS.mspx
IIS 7.0 ?? ???? ??? ???? ??????? ?? ??? ????? Microsoft ??? ???? ?? ????:
HTTP://www.IIS.NET/default.aspx?tabid=1

?? ????? ??

??????

?? ??? ?? ??? ???? ????? ???? ?? ?? URLScan ????? ???????? ?? exploits ?? ???? ??? ????? ?? ???????? ???? ?? ??? ???????? ???? ?? ??? ???? ?????

URLScan ??????? ????

URLScan ?? ??????? ???? ?? ??? ?? ????? Microsoft ?????? ??????? (MSDN) ??? ????:
HTTP://msdn2.Microsoft.com/en-us/library/aa302368.aspx
???????? ??????? ?? ???, ????? ???? ???????? ?? ????? ?? ?????? ?? Microsoft ???????? ??? ?????::
307608 IIS ?? URLScan ?? ????? ????

URLScan.ini ????? ??????? ????

URLScan ?? ??? ??????????? URLScan.ini ?? ?????? ?? ???? ?? ????, ?????? %WINDIR%\System32\Inetsrv\URLscan ??????? ??? ????? ??? URLScan ?? ???????? ???? ?? ??? ?? ???? ?? ???? ??? ?????? ???? Notepad ??? ???, ??????? ???????? ????, ?? ?? ???? ???????

???:??????? ?????????? ???????? (IIS) ???? ???????? ?? ??????? ???? ?? ??? ???????? ???? ?????? ??? ????? ?? ??? ?? ??? ?? ?? ????? ?? ?? ???? ?? ???? ??IISRESET????? ????????? ?? ?????

URLScan.ini ????? ?? ????? ???????? ??? ???:
  • [??????]: ?????? ?? ??????? URLScan ???????? ?? ????? ???? ???
  • [AllowVerbs] ?? [DenyVerbs]: ?????? ?? ???????? (?? ???? HTTP ???????) URLScan ?????? ???? ?? ?? ?? ????????? ???? ???
  • [DenyHeaders]: ?????? ?? ?? HTTP ?????? ??? ?????? ???? ??? ?? HTTP ????? ?? ???? ???? ???? ??? ??? ???? HTTP ?????? ??? ?? ?? ?? ??? ??? ???????? HTTP ????? ???, URLScan ?????? ?????????? ???
  • [AllowExtensions] ?? [DenyExtensions]: ?????? ?? URLScan ?????? ???? ?? ?? ????? ??? ??????????? ?? ????????? ???? ???
  • [DenyURLSequences]: ?? ??? ?? ???????? ?????????? ?? ?? HTTP ??? ?????? ???? ?? ??????? URLScan ?? ?? ???????? ?? ?? ?? ??? ??? ????? ???? ?? ?????? HTTP ?????? ?????????? ???
???????? ??? ??? ?? ???????? ??? ?? ???? ????? ????? ???? ??? ?? ??????

[??????] ??????

?????[??????]??? ???, ?? URLScan ???????? ?? ??? ?????? ?? ???????? ?? ????? ?? ??? ???, ???????? ?????? ??? ????? ?????? ??:
OptionName=OptionValue
?????? ?????? ?? ???? ??????? ??? ??????????? ???:
  • UseAllowVerbs = 1

    ???????? ??? ??, ?? ?????? 1 ?? ??? ??? ??? ?????? ?? ?????? ?? 1 ?? ??? ??, ??? URLScan ???? ???? ??? ???????? ???????? ????? HTTP ??????[AllowVerbs]???? URLScan ???????? ?? ?? ????? ???? ???? ???? ???? ?? ???????? ?? ??????? ???? ??? ??? ?? ?????? ?? 0 ?? ??? ??, URLScan ??????[AllowVerbs]???? ??? ???????? ???????? ?? ????? ???? ???? ???????? ?? ???? ????? ?? ????? ????, ?? ??????[DenyVerbs]????
  • UseAllowExtensions = 0

    ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? ??? ?? ?????? ?? 0 ?? ??? ??, URLScan ????? ????? ??? ????????? ??? ???????? ???? ?? ??? ?????? ????[DenyExtensions]???, ????? ???? ?? ????? ?? ??? permits ?????? ??? ?????????? ?????? ?? ?????? ?? 1 ?? ??? ??, ??? URLScan ???? ???? ?????????? ???? ??????? ??? ???????? ???? ?? ??? ?????? ????[AllowExtensions]???, ?? ??? ????? ???? ??????? ?? ??? ?????? ?????
  • NormalizeUrlBeforeScan = 1

    IIS URL ???????? ??? ?? ?????? ??????? ???? ??? ???? ???? ?? ?? ?? ??? ???? ?? ??????? ????? (%) ?? ???? ??? ?? ????? ?????? ?? ???????????? ???? ?? ???? ??? ?????? ?? ???, %20 ?? ???? ???? ?????, ????? http://myserver/My%20Dir/My%20File.htm ?? ??? ?????? http://myserver/My dir/My File.htm ?? ??? ?????? ?? ???? ??? ??????????? ?? ?????? URL-??????? ???????? ?? ????????? ??? ???????? ??? ??, ?? ?????? 1 ?? ??? ??? ??? ???NormalizeUrlBeforeScan1 ?? ??? ?????? ??? ??, URLScan analyzes decoded ?????? ????? ??? ?? ?? 0 ?? ??? ??, URLScan analyzes undecoded ?????? ???? ????? ??? ??? ????? ?????? ?? ????? ?? ??????? ???? ?? ??? URLScan ?? ?????? hinders 0 ?? ??? ?? ?????? ??? ?????
  • VerifyNormalization = 1

    ??????? ????? (%) ????? URL ???????? ?? ???? ??, ??????? ???? ?????? ?? ????????????? crafted ?? basically ???-??????? ????? ?? ??? ?????? ????? ?? ???? ???? ??? ??? ???? ??, IIS ??? ???? ????? ?? ??? ??? ???????? ?????? ???? ?????? ??????? ?? ???? ??? ???????? ??? ??, ?? ?????? 1 ?? ??? ??? ??? ???VerifyNormalization1 ?? ??? ?????? ??? ??, URLScan normalizes URL ?? ??? ??? ??? ????? ??????????? ?? ??? ???? ??????????? ?? ??? URL URL ?? ????? ??, URLScan ?????? ?????????? ??? ?? ???-??????? ???????? ?? ?????? ????? ?? ????? ???
  • AllowHighBitCharacters = 0

    ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? ??? ?? ?????? ?? 0 ?? ??? ??, URLScan ??? ???-ASCII ???? ?? ?? ???? ?? ?????? ?????????? ??? ?? ??????? ?????? ?? ????? ?? ??? ???? ???, ????? ??? ??? ??? ???????, ???? ???-???????? ????? ???? ??????? ?? ??? ?????? ???? ????? ?? ?? ???? ???
  • AllowDotInPath = 0

    ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? ??? ?? ?????? ?? 0 ?? ??? ??, URLScan ?????? ???????? (.) ??? ?????? ?????????? ??? ?? ??????? ????? ??? ????????? ?? ??? ?????? ?? ?? ???????? ????? ??? ????????? ?? ??????? ?? ?????? ???????? ?? ??? ??? URL ?? ???? ?? disguise ???? ?? ??? ???????? ?? ????? ??? ?????? ?? ???, ??? ?? ?????? 1 ?? ??? ??, URLScan ?? ???? ?? ?????? http://servername/BadFile.exe/SafeFile.htm ?? ??? ?????? ??????? ??? thinks ?? ?? ??, ?? HTML ??? ?? ??? ?????? ?? PATH_INFO ??????? ??? ?? HTML ??? ?? ??? ?? ??? ??? ???????? ????? (.exe) ????? ?? ??? ?????? ??? ?????? ??? ?? ?????? 0 ?? ??? ??, ?? URLScan ?? ?? ?????????? ??????? ??? ?????????? ?? ??? ?????? ?????
  • RemoveServerHeader = 0

    ???????? ??? ??, ???? ??? ????? ?? ????? ???? ?? ?? ??? ?? ??? ????? ?????????? ??? ??? ?? ???????? ??? ?? ??? ?? ?? ????? ??? ???? ?? ??? ?? ????? ???????????? ?? ?????? ?? ??? ????? ?? ??? ?? IIS ?? ???? ??? ?????? IIS ????????, ???? ??? ????? ?? ??? ??????? ??? ?? ??? ?? exploits ?? ????? ?? ?? IIS ????? ?? attack ???? ?? ?????? ???? ?? ???? ????? ????????? ?? ???? ??????? ???? ?? ???? ???? ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? ??? ?? ??? ????RemoveServerHeader?????? 1, ?? ??? ?? ???? ????? ?? ??? ?? IIS ????? ?? ??? ??? ??????? ???????? ??? ??? ??? ??? ?? ???RemoveServerHeader0, ?? ????? ??? ??? ?? ???? ???
  • AlternateServerName = (???? ????????? ???????? ??? ??)

    ???RemoveServerHeader??? ?? 0, ?? ??? ?? ??? ?? ???????? ????????? ?? ????AlternateServerName???? ????? ????? ??? ??? ??? ?? ????? ????????? ???? ?? ??? ?????? ??? ???RemoveServerHeader??? ???? ??? ?? ?? ????? 1, ?? ??? ?????? ?? ?? ?????
  • EnableLogging = 1

    ???????? ??? ??, URLScan %WINDIR%\System32\Inetsrv\URLScan ??? ??? ????? ??? ?? ???????? ?? ?? ????? ??? ???? ?? ??? ?? ??? ?? ???? ???EnableLogging0 ??? ?? ???? ????? ?? ??? ?? ???? ?? ????
  • PerProcessLogging = 0

    ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? ??? ?? ?????? 1 ?? ??? ??, URLScan URLScan.dll ?? ????? ???? ?? ?? ???????? ????????? ?? ??? ?? ??? ??? ????? ??? ??? ?? ?? 0 ?? ??? ??, ?? ??? ??????????? ?? ?? ?? ????? ?? ??? ??? ?? ?????
  • PerDayLogging = 1

    ???????? ??? ??, ?? ?????? 1 ?? ??? ??? ??? ??? ?? ??? ?? 1 ?? ??? ??, URLScan ????? ?? ??? ????? ???????? ???? ???????? ??? ????? Urlscan ?? ??? ???MMDDYY. log, ????MMDDYY??? ????? ?? ?????? ??? ??? ?? ??? ?? 0 ?? ??? ??, ?? ??? ?????? ?? ?? ?????, ???? ?? ?????? ?? ??? ????? ??? ???
  • AllowLateScanning = 0

    ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? ??? ?? ?????? ?? 0 ?? ??? ??, ?? ??? ?????? ?? ?? ??? ???? ?? ???? ??? ?? ???? ??????? ????? ????????? ???????????? ??????? (ISAPI) ????????? ???? ?? ?? ??????? ????-?????????? ???? ??????? ?? ??? ??? URLScan ???? ????? ?? ??????? ???? ??? ?? ?????? 1 ?? ??? ??, URLScan ???? ?? ??? ??? ??-?????????? ???? ???????, ???? ???? ??????? URL ?? ??????? ?? ???? ?? ???? URLScan ?? ???? ?? ???????? ???? ??? 1 ?? ??? ??? ???? ?? ??? ?? ?????? ?? FrontPage ????? ????????? (FPSE) ?? ???????? ???
  • RejectResponseUrl = (???? ????????? ???????? ??? ??)

    ?? ?????? ?? ?? ????? ?? ???? ?? ?? URLScan ????? ?????? ??????? ?? ?? ????????? ???? ??? ?????? ?? ???? ????? ??? ?? ?????? ?? ??? ??????? ?? ??? ???? ???????? ?? ???????? ???? ?? ??? ??? ????????? ???? ????RejectResponseUrl?? ??? ??? ???? ?????, ???? /Path/to/RejectResponseHandler.asp ???? ?? ??? ??????? ??? ?? ??? ????? ?? URLScan ?????????? ?????, ???? ??? ?????? ????? ????? (ASP) ????? ????????? ?? ???? ???? ?? ????? ?? ????? ????? ?? ?? ????? ?? ???? ???:
    • HTTP_URLSCAN_STATUS_HEADER: ????????? ???? ?? ?? ?? ????? ?????? ??????? ???? ??? ???
    • HTTP_URLSCAN_ORIGINAL_VERB: ?? ????? ??? ?? ?????? (?????? ?? ???, GET, POST, HEAD ?? ????) ?? ??? ?????? ????????? ???? ???
    • HTTP_URLSCAN_ORIGINAL_URL: ?? ????? ??? ?? ?????? ?? ??? URL ????????? ???? ???
    ??? ?? ???RejectResponseUrl????? ?? ??? ?? ???/~*URLScan ???? ?????? ??? ?? ????? ???? ??? ?? ??? ?????? serve ???? ?? ??? IIS ?????? ???? ??, ????? ??? ?????????? ??????? ??? ?? ??? ?? ?????? ?? ??? URLScan ??? ???? ?? ??? ?? ????????? ????? ??? ??? ?? ???? URLScan.ini ?? ??????? ???? ????? ???, ?? ?????? ?? ??????

    ??? ?? ???? ?? ??? ??? ??? ????????? ????RejectResponseUrlURLScan ?? ??????? ??? ?? ????? ???? ??/<rejected-by-urlscan></rejected-by-urlscan>.

  • UseFastPathReject = 0

    ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? If this option is set to 1, URLScan ignores the RejectResponseUrl setting and immediately returns a 404 error message to the browser. This is faster than processing RejectResponseUrl, but it does not permit as many logging options. If this option is set to 0, URLScan uses the RejectResponseUrl setting to process the request.

The [AllowVerbs] and [DenyVerbs] sections

The [AllowVerbs] and [DenyVerbs] sections define the HTTP verbs (also known as methods) that URLScan permits. Common HTTP verbs include GET, POST, HEAD, and PUT. ???? ???????????, ???? FPSE ?? ??? ?????? ???? ?? ?????? (WebDAV), ???????? ???????? ????? ?????

?????[AllowVerbs]??[DenyVerbs]???????? ??? ?? ?? ???????? ??? ?? ??? ?? HTTP ?? ???? ???? ?? ????????, ?? ???????? ?????? ?? ????? ???? ?? ????? ?????

URLScan decides ?? ????? ???? ?? ??? ??? ?? ??? ?? ??? ?? ??????UseAllowVerbs??? ??????[??????]???? ???????? ??? ??, ?? ?????? 1 ?? ??? ??? ??? ???UseAllowVerbs1, URLScan ???? permits ?????? ??? ???????? ???????? ????? ???? ?? ??? ??? ??[AllowVerbs]???? ???? ?? ?? ?? ????? ????? ???????? ?????? ???????? ?? ???? ??? ?? ?????? ???,[DenyVerbs]??? ?? ????? ???? ???? ???

???UseAllowVerbs??? ??, 0 URLScan denies ?????? ??? ?????? ??? ?? ???????? ???????? ????? ????[DenyVerbs]???? ??? ?? ?????? ?? ?? ?? ??? ??? ????? ???? ???????? ????? ?? ?????? ???? ?? ?????? ???, URLScan ??????[AllowVerbs]????

[DenyHeaders] ??????

????? ??????? ??? ??? ????? ?? ??? ????? ?????? ???? ??, ?? ?? ?????????? ?? ?? ?????? ?? ???? ??? ???????? ??????? ??? ??? HTTP ????? ??? ??????? HTTP ????? ??? ??? ????? ????? ???:
  • ?????:

    ?? ????? ??? ??? ??? ????? ?? ??? ???
  • ??????? ????:

    ?? ????? ??? ??????? ????? ?? ???? ??? ?? ?? ????? ???????? ?? ????????? ???? ???
  • ??????????-?????:

    ?? ????? ??? ?? ????? ?????? ??????? ?? ??? ????
  • ??????? ?? ???:

    ?? ????? ??? ??????? ?? ?????? ???? ?? ?? ??????? ??????? ?? ????????? ???? ???
??????? ???? ????? ??? ?? ???????? ??????? ????????? ???? ?? ??? ????? ?? ????? ?? ???? ???

?????[DenyHeaders]??? ???, HTTP ????? URLScan ???????? ???? ?? ?? ?????????? ??? URLScan ?? ?? ??? ??? ???????? ???? ?? ???? ??? ?????? ??????? ???? ??, ?? ?????? ?????????? ?? ??? ?? ?????? ??? ???? ?? ??? HTTP ?? ?? ???? ?? ????? ???, ???????? ????? ??? ??? ?????? ?? appearing ?? ???? ???? ??? ??????????? (:) ?????? ?????? ???? ???? ?? ???? (for example, Header-Name:).

The [AllowExtensions] and [DenyExtensions] sections

Most files have a file name extension that identifies what kind of file they are. For example, file names for Word documents typically end in .doc, HTML file names typically end in .htm or .html, and plain text file names typically end in .txt. The [AllowExtensions] and [DenyExtensions] sections permit you to define extensions that URLScan will block. For example, you can configure URLScan to reject requests for .exe files to prevent Web users from executing applications on your system.

Both the [AllowExtensions] and [DenyExtensions] sections have the same syntax. They are made up of a list of file name extensions, and each extension appears on its own line. The extension starts with a period (.) (for example, .ext).

URLScan decides which section to use based on the value of UseAllowExtensions ?????[??????]???? ???????? ??? ??, ?? ?????? 0 ?? ??? ??? ??? If UseAllowExtensions is set to 0, URLScan only denies requests for file name extensions that are listed in the [DenyExtensions] section. Any file name extensions that are not listed in this section are permitted. The [AllowExtensions] section is ignored.

If UseAllowExtensions is set to 1, URLScan denies requests for any file name extensions that are not explicitly listed in the [AllowExtensions] section. Only requests for a file name extension that is listed in that section are permitted. The [DenyExtensions] section is ignored.
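The allow-list and deny-list modes described above can be compared side by side with a small model. This is an added example, not code from the article or from Microsoft: the function names, the constructed sample configuration, the `[options]` section name, and the choice to take the extension from the last path segment and compare it case-insensitively are all assumptions of this sketch.

```python
import configparser
from urllib.parse import urlsplit, unquote

# Constructed sample configuration for illustration (not a shipped URLScan.ini).
SAMPLE_INI = """
[options]
UseAllowExtensions=0

[AllowExtensions]
.htm
.html
.txt

[DenyExtensions]
.exe
.bat
.cmd
"""

def load_rules(ini_text):
    """Parse URLScan.ini-style text into (use_allow, allow_set, deny_set)."""
    cp = configparser.ConfigParser(allow_no_value=True, delimiters=("=",))
    cp.read_string(ini_text)
    use_allow = cp.get("options", "UseAllowExtensions", fallback="0").strip() == "1"
    # Each extension sits on its own line, so it is parsed as a key with no value.
    def section(name):
        return {k.lower() for k in cp[name]} if cp.has_section(name) else set()
    return use_allow, section("AllowExtensions"), section("DenyExtensions")

def extension_of(url):
    """Assumption of this model: extension of the last path segment, lowercased."""
    segment = unquote(urlsplit(url).path).rsplit("/", 1)[-1]
    return "." + segment.rsplit(".", 1)[1].lower() if "." in segment else ""

def is_permitted(url, rules):
    use_allow, allow, deny = rules
    ext = extension_of(url)
    if use_allow:
        return ext in allow      # allow-list mode: [DenyExtensions] is ignored
    return ext not in deny       # deny-list mode: [AllowExtensions] is ignored

if __name__ == "__main__":
    deny_mode = load_rules(SAMPLE_INI)
    allow_mode = load_rules(SAMPLE_INI.replace("UseAllowExtensions=0", "UseAllowExtensions=1"))
    for url in ("http://myserver/index.htm", "http://myserver/report.pdf",
                "http://myserver/tools/SETUP.EXE"):
        print(url, "deny-list:", is_permitted(url, deny_mode),
              "allow-list:", is_permitted(url, allow_mode))
```

The unlisted `.pdf` request shows the practical difference: it passes in deny-list mode and is rejected in allow-list mode.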

URLScan ????????? ???? ?? ?? ??????? ?? ??? ?????? ?? ?????? ???? ?? ??? ???????? ???? ?? ??? ???? ???? ?? ???? ??? ???????? ??????? ?? ??? Microsoft ???????? ??? ???? ????? ?? ??? ????? ???? ?????? ?? ????? ????:
312376 IIS ??? ?? ?? ????????? ?? ??? ?????? ?? ?????? ???? ?? ??? URLScan ?? ???????? ???? ????

[DenyUrlSequences] ??????

?? URLScan URL ??? ?????? ?? ??? ??????? ??? ???????? ?? ??????? ???? ?? ??? ???????? ?? ???? ???? ?????? ?? ???, ???? ?? ?????? ???????? (.), ?? ????? exploits ?????????? traversal ???????????? ?? ??? ???? ?? ??? ????? ??? ???? ??? ?????? ?????? ????? ?? ???? ???? ??????? ???? ?? ??? ??? ???? ??????? ????????? ????, ?? ??? ?? ???? ?? ?? ???? ??? ????? ?? ??????[DenyUrlSequences]????

????? ??? ?? ???? ??????? ?? ???? ???? adversely ???????? Outlook ??? ?????? (OWA) Microsoft Exchange ?? ??? ??? ?? ?? ??? ????? OWA ?? ????? ???, ????? ?? ???? ?????? ??? ????? ?? ?????? ???? ??? URL ????? ??? ??????? URLScan.ini ????? ???? ?? ?????? ?? ?????? ??????? ????? (%) ?? ??????? ???? ?? ?? ampersand ????? (&), ???????????? ?? ?? 404 ?????? ????? ??????? ???? ?? ?????? ????? ?? ??? ??? ????? ???? ???? ?? ??? ???? "100% ?? ?????? ??????"?? "Bob & Sue ??? ?? ??? ?? ???" ?? ?????? ????? ?? ?? ???? ?? ??? ?? ?? ??????? ?? ????? ???? ???[DenyUrlSequences]???? ??? ?? ?? ?? ?? ?? ???? ??????? ??????? ?? ?????: ????? ?? ??????? ?? ??? damaging ?????? ?????? ???? ???

???????? ??????? ?? ???, Microsoft ?????? ??? ??? ???? ????? ?? ??? ????? ???? ?????? ????? ????::
325965 URLScan ????? Outlook Web Access ??? ???????? ???? ?? ???? ??

URLScan IIS-?????? ??????????? ?? ??? ????? ?? ??? ???????? ????

????????? ?? ???? Exchange, FPSE, ?? Microsoft Visual Studio .NET ?? ?????? IIS ??? ??????????? ?? ???? ??? ?? ???????? ???? URLScan ??? ??? ??, ?? ??????????? ??? ???? ?? ??? ?? ????? ?? ????

?? ??????????? ?? ??? ????? ???? ?? ??? URLScan ?? ???????? ???? ???? ?? ???? ??? ???????? ??????? ?? ??? ?????? ?? Microsoft ???????? ??? ????? ?? ??? ????? ???? ???????? ?? ????? ????:
309508 ?? Exchange ?????? ??? IIS ??????? ?? URLscan ???????????
309394 FrontPage 2000 ?? URLScan ?? ????? ???? ????
318290 FrontPage 2002 ?? URLScan ?? ????? ???? ????
310588 ??????? ?????? asp.NET Visual Studio .NET ??? ??????? ?????

???? ???????

??? Urlscan.ini %WINDIR%\System32\Inetsrv\URLscan ??????? ??? ????? ???? ??, ??????? 404 ?????? ??????????? ??????? ??????? ?? ?????? ?? ?? ???? ?? ??? Urlscan.ini ????? ?? ????? ?? ???????????? ???? ?? ??? ????? ????? ?? Urlscan.ini ????? ?? ????????? ??????

??????

???????? ??????? ?? ???, Microsoft ?????? ??? ??? ???? ????? ?? ??? ????? ???? ?????? ????? ????::
325864 IIS ??????? ??????? ?? ????? ???? ?? ??????? ???? ?? ??? ???? ????

???

???? ID: 326444 - ????? ???????: 04 ?????? 2010 - ??????: 2.0
???? ???? ???? ??:
  • Microsoft Internet Information Services 5.0
??????: 
kbhowtomaster kbmt KB326444 KbMthi
???? ?????? ????????
??????????: ?? ???? ?? ???? ??????? ?? ????? ?? Microsoft ????-?????? ?????????? ?????? ?????? ???? ??? ??. Microsoft ???? ??? ????-???????? ?? ????-???????? ????? ?????? ?? ???? ???????? ???? ?? ???? ????? ????? ??? ?? ??? ?????? ?? ???? ???? ???? ??? ????? ??. ???????, ????-???????? ???? ????? ???? ???? ???? ???. ?????, ????????, ?????-???? ?? ??????? ?? ???????? ?? ???? ???, ???? ?? ??? ?????? ???? ???? ??? ????? ??? ?? ???? ??. Microsoft ??????? ??? ???? ?? ?????? ?? ??????????, ????????? ?? ??? ?????? ?? ???? ????? ?? ???? ???????? ?? ??? ???? ????? ?? ??? ????????? ???? ??. Microsoft ????-?????? ?????????? ?? ????? ?????? ?? ?? ??? ??.
?????????? ?? ??????? ????????? ??????? ??:326444

??????????? ???

 
