Name: Microsoft Urlscan Filter v3.0, English version
Version: 3.0
Type: free package, installed as an add-on to IIS Server in Windows environments.
Release date: 2008/8/20
System requirements:
- Windows Server 2008 IIS 7.0
- Windows Server 2003 IIS 6.0
- Windows Server 2000 IIS 5.0
- Windows Vista IIS
- Windows XP IIS 5.1
Download:
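Package description:
URLScan is an ISAPI filter that lets web site administrators restrict the types of HTTP requests that the web server will process. By blocking specific HTTP requests, the URLScan filter helps prevent potentially harmful requests, syntax or commands from reaching the server and damaging the web server.
In version 3.0, UrlScan specifically strengthens its interception of and protection against SQL injection. (Note: see the article Common UrlScan Scenarios for details.)
Main features: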
- Creating Rules to Disallow String Patterns in Parts of Requests
- Rule to Block SQL injection Signatures
- Creating Safe-List For URLs and Query Strings
- Setting Limits on Parts of Requests
- Disallowing Certain Types of Requests
- Using UrlScan Logging
Online video walkthrough (English):
Internet Information Services Configuring IIS Using the IIS Lockdown Tool and the URLScan Tool
Introduction to UrlScan v3.0:
UrlScan v3.0 is an upgrade to UrlScan v2.5 which was originally released as part of the IIS Lockdown Tool. UrlScan v3.0 maintains compatibility with its predecessor, so if you have a configuration file for the older version, you can use your existing configuration file with UrlScan v3.0 and the behavior will be identical. Like its predecessor, UrlScan v3.0 is an ISAPI filter that reads configuration from a urlscan.ini file and restricts certain types of requests (enumerated in urlscan.ini) from being executed by IIS. An IIS web server administrator can add, modify and extend UrlScan configuration to further restrict the types of HTTP requests that will be served by IIS. By filtering unusual requests, UrlScan will help prevent such requests from reaching application code, where they may potentially cause damage to the application or server. UrlScan v3.0 will install for IIS 5.1 and later, including IIS 7.0 for Windows Server 2008.
UrlScan v3.0 Features
UrlScan v3.0 maintains feature and functionality parity with its predecessor (UrlScan v2.5). The configuration format is the same, but includes a few additional sections that can be used for the new features. If you are currently using UrlScan v2.5, you can use the same urlscan.ini configuration file with UrlScan v3.0.
New Features
- Deny rules can now be independently applied to query string, all headers, a particular header, URL or a combination of these.
- A global DenyQueryString section in configuration lets you add deny rules for query strings with the option of checking the un-escaped version of the query string as well.
- A global AlwaysAllowedUrls section in configuration lets you specify safe URLs that will bypass all URL based checks. This feature has been added post UrlScan v3.0 Beta.
- A global AlwaysAllowedQueryStrings section in configuration lets you specify safe query strings that will bypass all query string checks. This feature has been added post UrlScan v3.0 Beta.
- Escape sequences (like %0A%0D) can now be used in deny rules so it is possible to deny CRLF and other sequences involving non-printable characters.
- Multiple UrlScan instances can now be installed as site filters, each with its own configuration and rules (urlscan.ini).
- Configuration (urlscan.ini) change notifications will be propagated to IIS worker processes so you won’t have to recycle your worker processes after making a configuration change. Logging settings are the only exception to this.
- Enhanced W3C formatted logging that will give descriptive configuration errors in the Remarks header. This feature has been added post UrlScan v3.0 Beta, which did not have W3C formatted logs.
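How several of the new features listed above fit together in one urlscan.ini, as an added example that is not taken from this page or from Microsoft's shipped configuration. Section and option names are those of the UrlScan v3.0 urlscan.ini (the global query string deny list is the `[DenyQueryStringSequences]` section); the rule name, path and query string values are constructed.

```ini
; Added example for illustration; not the configuration shipped with UrlScan.
; The rule name, path and query string values are constructed.

[Options]
; Also scan the un-escaped form of each query string
UnescapeQueryString=1
; Names of the rule sections to evaluate
RuleList=SQL Injection

[SQL Injection]
; Apply the rule only to requests for these extensions
AppliesTo=.asp,.aspx
; Section that holds the strings this rule denies
DenyDataSection=SQL Injection Strings
; Scan the query string only, not the URL, the raw request or any header
ScanUrl=0
ScanAllRaw=0
ScanQueryString=1
ScanHeaders=

[SQL Injection Strings]
; Short illustrative subset; %3b is the escape sequence for a semicolon
--
%3b
/*
declare
exec

[DenyQueryStringSequences]
; Global deny list applied to every query string
<
>

[AlwaysAllowedUrls]
; Constructed path: bypasses all URL based checks
/health/ping.htm

[AlwaysAllowedQueryStrings]
; Constructed value: bypasses all query string checks
report=monthly
```

Deny strings match as substrings, so a short keyword such as `exec` also rejects legitimate query strings that contain it. Review the UrlScan log for rejected requests after enabling a rule like this and move known-good values into the always-allowed sections.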
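For installation instructions, see the setup guides in the related links below.
Related links:
How To: Use URLScan (Chinese)
How to Configure the URLScan Tool (Chinese)
Configuring IIS Using the IIS Lockdown Tool and the URLScan Tool (Chinese)
UrlScan Security Tool (English)
Using UrlScan (English)
Common UrlScan Scenarios (English)
UrlScan Setup (English)
UrlScan FAQ (English)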