Home All Groups Group Topic Archive Search About

IIS Security

microsoft.public.inetserver.iis.security
Score How to generate a temporary cert ?
Marlon - 17 Jun 2005 3:07 PM - 4 messages
I need a SSL certificate from a non-trusted CA for testing purposes. After processing steps on IIS to get the .csr generated, which tool can I use to process such .csr and get a .cer ? Someone a while back told me about an IIS resource kit tool that could do ...
Score how many users can share one account
b_russ - 16 Jun 2005 8:47 PM - 4 messages
Is there a limitation to the number of different users that can share one account (username & password) to logon to a website simultaneously? This is on an https secure site. I've already ruled-out using anonymous access. Thanks, ...
Score No asmx in W2K3?
!TG - 16 Jun 2005 7:16 PM - 2 messages
I just setup a 2003 ent server. How do I get .Net installed so I can run asmx, aspx, asax, etc? ...
Score 401.3 frustration
Andrew Jocelyn - 16 Jun 2005 10:36 AM - 4 messages
Hi I have a directory under the route of a web site which has anonymous access disabled and basic authentication selected. The folder has Read & Execute, List Folder Contents and Read permissions for the user I want to log on via ...
Score Multiple SSL on the same IIS
Jose Veroes - 16 Jun 2005 5:33 AM - 4 messages
Hi, I configured 2 Virtual servers with different IPs but when I tried to configured the IPs on the SSL portion of the dialog box (the one that is on the properties of the web site, clicking Advance - I gess - in the General ...
Score Redirect subdomains to different applicacions and with security.
Luis Esteban Valencia - 15 Jun 2005 10:07 PM - 2 messages
I want for example [link] [link] [link] I have IIS  I want to redirect each of those adresses to a differente application on the IIS Server. ...
Score IIS6 and Pass-Through Authentication
Arkane - 15 Jun 2005 8:13 PM - 2 messages
We have a Windows 2003 DC (Active Directory) and an IIS6 Webserver to host our intranet. We have 3 forests, however we would like all users in DOMAIN_A to simply 'pass' their credentials to IIS6 without having to type them, so they can get ...
Score IUSR account passwords sync
Mike - 15 Jun 2005 11:21 AM - 6 messages
How do I resynchronize the password of the IUSR account on a Windows 2003 server? ...
Score MS IIS Internal IP Address/Hostname Vulnerability
SteveC - 14 Jun 2005 5:05 PM - 9 messages
My vulnerability scanner is flagging my OWA website because of the MS IIS Internal IP Address/Hostname Vulnerability. I have issued the following command "adsutil set w3svc/UseHostName True" and rebooted the server. The vulnerability scan no longer picks up the internal IP address. However, it ...
Score Windows Integrated Authentication on standalone server
Oyvind - 14 Jun 2005 8:25 AM - 8 messages
Hi. I wish to use Windows Integrated Authentication in IIS to authenticate users logging on. The problem is that the web server is a standalone server located in DMZ, and I wish to authenticate using domain accounts. Am I right to assume that this is not possible, as long as the web ...
Score Win2003 Server/IIS 6.0 Anonymous Login not working
WohooWahoo - 14 Jun 2005 6:31 AM - 5 messages
Hi. Just setup my Windows 2003 server as an App Server running IIS 6.0 for use with ASP.NET apps and other web stuff. After configuring IIS websites with IP addresses and setting permissions through IIS and NTFS for access to ...
Score Is urlscan installed?
Peter Kaufman - 14 Jun 2005 5:16 AM - 4 messages
Hi, How can I tell if URLscan is installed on W2K Server? Thanks, Peter ...
Score Anonymous and NTLM
rgmullen - 13 Jun 2005 10:21 PM - 3 messages
I have a customer requirement where they would like to alllow certain users to use NTLM as they enter our secure site while others would login through a web form. The desired action would be to check the interactive user's credentials upon entry to the site then compare it ...
Score 401.3 on IIS after SP1
M.Siler - 13 Jun 2005 9:52 PM - 8 messages
Any one had the problem that after installing SP1 that IIS presents the user with a login window and if you cancel you get an 401.3 Unauthorized: Access is denied... Everything was working just fine until Windows Server 2003 SP1 was ...
Score Most secure solution for ftp (IIS?)
hal - 13 Jun 2005 8:35 PM - 4 messages
So I have a graphics person who wants anonymous ftp for print shops and external consultants to upload graphics too big to email.  Ok, easy enough, I went out and got Cerberus and put it on our spare DMZ ...
Score http trace
GQuitugua - 13 Jun 2005 6:25 PM - 2 messages
I'm trying to secure the "http trace" vulnerability on my web server (xforce article 11149).  I have applied url scan and disabled the appropriate verbs.  My question is, I'd like to test it to ensure that in fact tracing is ...
Score Web folder permissions changes are not immediate
Stefano - 13 Jun 2005 12:51 PM - 2 messages
Hi all, I created a web folder (using WebDAV in IIS 6). I assigned NTFS full control to a specified local group of users. So, I can access to the web folder using users credentials. But, when I add a new user to the group, I've to wait about 20 minutes until I can access ...
Score Logon Prompt Required to Access IIS6 Site - Solved
Mark Olbert <> - 12 Jun 2005 11:00 PM - 2 messages
I'm posting this to save some other poor sod the pain I went through... I have IIS6 running on WinServer2003 SP1. I moved over several existing websites from an IIS5.1 box running Win2K SP4 by copying the directories, and then using the New Website wizard in IIS6 to ...
Next » 2 3 4 5 6 7 8 9 10