Home All Groups Group Topic Archive Search About

IIS Security

microsoft.public.inetserver.iis.security
Score Trying to understand this behavior, Ports in IIS
Marlon - 24 Jun 2005 2:55 PM - 6 messages
Win2003, IIS6. Under "Internet Information Services/Web Sites" snap-in, I've created a "Mysite" site. If I click "Properties", "Web Site" tab, I see the following information: TCP Port=8080      SSL=443 I published this site via ISA 2004. In ISA I setup a web listener to "listen ...
Score Resetting IUSR user token
Ard - 24 Jun 2005 11:25 AM - 5 messages
Folks, Maybe someone can help me out here. I'm working on an ASP web application on a w2k server with iis 5. The application dynamically creates folders and uses adsi to create local windows groups that have access to these folders. ...
Score IIS/Windows Permissions/Rights
Paul J. Landry - 23 Jun 2005 7:15 PM - 4 messages
HI Guys. I hope you can help me out! I've poseted a similar question on "inetserver.asp.general" a couple of days ago, but I think I'm gonna have better luck here since it's more of a ...
Score Web Server Reverse Proxy Bug
Pankaj - 23 Jun 2005 3:18 PM - 2 messages
Hi - i recently used the vulnerability assessment service for our web server & the following was reported by the system "The remote Web server seems to allow any anonymous user to use it as a reverse proxy. This may expose ...
Score Classic ASP Page not running under IIS6.0
Frank - 23 Jun 2005 2:11 PM - 3 messages
I have a Windows2003 server with IIS6.0. However, none of the classic ASP pages are running. I receive 401.3 Access Denied error message. I made sure the internet guest account has read permission (I actually give everyone read ...
Score SSL Site showing Page not found
TonyR - 23 Jun 2005 11:07 AM - 3 messages
I've installed a trial cerificate from verisign on my IIS 5.  Now when I connect to the server using a browser with http://... it says that the page must be viewed over a secure channel.  If I connect with ...
Score Windows Authentication
Marty McClamma - 23 Jun 2005 4:33 AM - 2 messages
I am running a w2K ad, And I have just setup a W2003 IIS 6 server that I need to authenticate against my ad.  This is working on the older IIS 5 server I am replacing. It is logged into the AD. ...
Score Is MBSchExt.xml a legitimate schema file ?
vconline - 22 Jun 2005 4:57 PM - 4 messages
I am writing security policies for IIS 6.0 (Windows 2003 Server) and noticed that IIS tried to write MBSchExt.xml file. Unfortunately, I could not look in the file since the IPS software prevented from writing this file. I cannot find any information on MBSchExt.xml, is this a legitimate IIS ...
Score IIS 6.0 Website requests authentication - anonymous is checked
clrscr - 22 Jun 2005 3:24 PM - 2 messages
Server: Windows 2003 Standard with Exchange 2003 I installed an SSL certificate on my Exchange site in IIS and checked "require SSL". Of course this made it impossible to reach the site on port 80 so I changed the TCP port to 8080 and created another site ...
Score Removing IIS Passwords
Phill Y via WinServerKB.com - 22 Jun 2005 1:20 AM - 3 messages
I am having troubles in trying to remove the password from my websites. The websites are being run through IIS. I want to make it so that the password box doesn't appear anymore and it doesn't need you to log in. What can i do??? ...
Score AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!
phreeskier@gmail.com - 21 Jun 2005 9:03 PM - 3 messages
i want to implement authorization with windows authentication and don't have the slightest clue of how to do this implementation.  the basic windows authentication for this .NET application is already setup.  my problem lies within my inability to manipulate the username captured in ...
Score Ideas on deferring authentication?
rgutter - 21 Jun 2005 9:01 PM - 4 messages
We currently have a public IIS6 server in our DMZ. It's been made a domain member to allow Basic Authentication against our AD for  a number of confidential documents - all within a single web - on the server. (We don't want to maintain a separate user database.) ...
Score IIS and domain security
Phil - 21 Jun 2005 7:18 PM - 2 messages
I have a directory under my wwwroot folder that I would like accessible over the web where my internal domain users do NOT have to enter credentials.  But any user not on our domain must enter credentials.  That way all my internal ...
Score Installing root certificate & chain
chefo - 20 Jun 2005 4:06 PM - 2 messages
Please excuse my loose expression but I am not IIS & PKI specialist. I need to establish SSL with root certificate from local CA. To do so, I need to install the root certificate chain on the server, so the client ...
Score .net user not working IIS6
Matty M - 20 Jun 2005 10:09 AM - 3 messages
Hi, Something confusing me slightly, when a user wants to run .aspx pages etc I was under the impression that I could just grant the ASPNET user full rights or read to the website that needed it. This doesn’t seem to work, if I grant ...
Next » 2 3 4 5 6 7 8 9 10