Home All Groups Group Topic Archive Search About

IIS Security

microsoft.public.inetserver.iis.security
Score XMLHTTP no longer works after updates
Lewis - 7 Apr 2006 5:49 PM - 2 messages
We recently installed some updates on our Windows 2000 server machine.  It is running IIS 5.0.  Ever since we did, one of our web pages no longer works.  Here is a snippet of the code that no longer works: ...
Score Can't import certificate to IIS
Gu - 7 Apr 2006 4:55 PM - 6 messages
Hi I created a SSL cert request on the IIS. I sent it to the cert provider. In the meantime I installed a test certificate on this web site. Today I got the certificate and tried to install. But it didn't work. ...
Score Any third-party tool to deny IP on IIS 5?
Alexey Smirnov - 7 Apr 2006 2:28 PM - 2 messages
Is there any good tool to block IPs on IIS 5 on multiple sites in the same time? I know that I can use WWW Services Master Properties to deny IP on all sites, I don't like it very much because I cannot paste IP into list, ...
Score Multiple Virtual Sites on One Server Running on Port 443
Lloyd - 7 Apr 2006 1:37 AM - 8 messages
Is it possible to have multiple virtual sites on a single server running on Port 443? We are running W2K3 with IIS6, we have several virtual sites on the server running just fine on port80 and up to today we had one virtual site running ...
Score Kerberos from XP to IIS hosting ASP.NET 2.0 Web Service help
Brian Cobb - 6 Apr 2006 9:41 PM - 5 messages
I am trying to get Basic Kerberos Auth to work.  The client, middle-tier, and back-end servers are all in the same Windows 2000 functional level domain.  All 3 are trusted for delegation.  The account used for testing has domain admin priviliges on the domain, and admin ...
Score IISAdmin on localhost
Matt Woodyard - 6 Apr 2006 5:20 PM - 8 messages
You can set the various IIS processes(web/ftp) to serve content only on specific iterfaces(ie. localhost only, only one of IPs on a machine), is there a way to apply this type of setting to the IISAdmin service? Can I run ...
Score 401.1 IE Error
jamie-strahan@paoli.com - 6 Apr 2006 3:25 PM - 4 messages
I have setup a website(Intranet) using Windows integrated authenication and Annonymous access is turned offf.  All servers in Domain are Windows Server 2003.  One Domain only. If any of the Domain Admins are logged in they can access the site and ...
Score Can't 'get' from ftp folder
Joe - 5 Apr 2006 3:58 PM - 4 messages
I have the Windows Firewall running and added port 20 & 21 to the exceptions. When I try to browse the folders using IE I get 'The operation timed out' although I'm connected. If I disable the firewall, I can browse the folders but when trying a Copy ...
Score viewing text files over internet
Jon Phipps - 5 Apr 2006 3:48 PM - 3 messages
first off my appologies if this is OT for this group. I have an odd situtation on my hands under Server 2k3 standard. I have a password protected site set up which basically allows readonly access to all drives and folders on the server machine. This is all  well and good, except ...
Score CTL_E_PERMISSIONDENIED
MikeV06 - 4 Apr 2006 10:57 PM - 7 messages
IIS 6 on Win2003 with Net 2.0 I am getting an exception trying to run a simple aspx page. This is causing the error: objCount = objFSO.CreateTextFile("counter.txt", True). I have gone through my default web page settings and the ntfs setting for ...
Score Connecting to a virtual directory using integrated authentication
loeran - 4 Apr 2006 8:42 PM - 2 messages
IIS 6 Win2K3. I created a new virtual folder.  That points to \\fileshare\myfolder. The virtual folder is set to use integrated windows authentication and the "connect as" is set to "Always use the authenticated user's credentials when validating access to the network directory." ...
Score Accessing website with Certificate
2Tian - 4 Apr 2006 7:24 AM - 2 messages
i have created a CA, MS Certificate, in the webserver (Windows 2003 server). Internal user when accessing the website, it pop-up a "Security Alert" with a exclamation mark stated: "The security cerificate issued by a company you have not chosen to trust. ...
Score Windows cannot unload your registry file
Alexey Smirnov - 3 Apr 2006 2:08 PM - 5 messages
On the webserver (Win2000, IIS, SQL Server) I have many messages in Event Log like this: ----------------------------------- Event Type: Error Event Source: Userenv Event Category: None Event ID: 1000 User:  NT AUTHORITY\SYSTEM Description: Windows cannot unload your registry file.  If you have a roaming profile, ...
Score IUSR has to be in Admin group to work
Ishmealm - 3 Apr 2006 1:44 PM - 3 messages
This is from an earlier post, but I think I posted for the wrong thing.  None of my applications that use the IUSR account for anonymous authenication work, unless, I add the IUSR account to the admin group (this ...
Score ftp brute force attacks
MikeV06 - 3 Apr 2006 1:16 PM - 2 messages
I have been getting a bunch of brute force attempted logins to account Administrator on my ftp server (IIS 6). I have got the appropriate changes to my server to make the attacks no more than troublesome. I do have a ...
Score Security trimming with impersonation
Toty Santana - 3 Apr 2006 2:21 AM - 3 messages
I am using impersonation for my asp.net 2 web application, as the application requires db and file access permission , but in the same time I am using security trimming for the sitemap and I am using  WindowsProvider as the  ...
Score Common Name question
Scott Houser - 3 Apr 2006 12:57 AM - 4 messages
I'm using Windows 2003 server IIS 6.0 and have questions concerning the iis certificate wizard. Exchange 2003 is also on this server. I have one public ip address and plant to have our MX record pointed at it. ...
Score Authentication
Gaji - 3 Apr 2006 12:48 AM - 2 messages
Windows 2003, IIS Manager, I Have Websites/Default Websites. Under there I have WebsiteA using ActiveDomain credentials to login which is working, Also I wanted WebsiteB to use An app pool and Anon Access. Is this possible (i.e. having two authentication methods on/under default website) or ...
Score Security of Webpage
pcsmitpra - 2 Apr 2006 10:21 AM - 9 messages
I am running a website, and found any one can access its data via MS Frontpage. Where is the lack, it is not asking for password while opening the page and showing my whole directory structure. I use Internet explorer to ...
Next » 2 3 4 5 6 7 8 9 10