ASP是开发网站应用的快速工具，但是有些网站管理员只看到ASP的快速开发能力，却忽视了ASP安全问题。ASP从一开始就一直受到众多漏洞，后门的困扰，包括%81的噩梦，密码验证问题，IIS漏洞等等都一直使ASP网站开发人员心惊胆跳。本文试图从开放了ASP服务的操作系统漏洞和ASP程序本身漏洞，阐述ASP安全问题，并给出解决方法或者建议。-ASP Web applications is the development of rapid tool, but some webmasters only see the rapid development of ASP, ASP has been neglected safety issues. ASP from the beginning have been many loopholes in the back door of distress, including nightmares, password authentication, IIS vulnerability, etc. have been so ASP Web developers shocking. This paper attempts to open the ASP services of the operating system vulnerabilities and the process itself ASP loophole, ASP elaborate security issues, and gives solutions or suggestions.