Home All Groups Group Topic Archive Search About

IIS Security

microsoft.public.inetserver.iis.security
Score Security templates and IUSR account log on locally
Anthony - 1 Jul 2006 8:35 AM - 8 messages
Environment: IIS6.0 Windows 2003 R2, Windows 2003 level domain. Everything standard. 1) The Microsoft security guide for IIS6.0 says that the IUSR account needs Log on Locally rights. 2) The Microsoft group policy Enterprise security template for Member ...
Score Change Password Site in IIS 6.0
Fred Yarbrough - 30 Jun 2006 10:22 PM - 2 messages
We are running a Change Password site using Windows 2000 with IIS 5.0 using the standard IISADMPwd files. I am trying to build up a new Windows 2003 IIS 6.0 version and it is not working.  I have done lots of reading about the switch to .asp based code ...
Score IE does not offer to open item downloaded via https
Richard Glanville - 30 Jun 2006 5:07 PM - 6 messages
Hi, I'm trying to investigate a problem wher IE does not offer to open a item downloaded via https. So far can only reproduce on Windows 2003 Server _Enterprise Edition_ with SP1 installed. Could not repro with Standard Edition. ...
Score IIS logs show domain laptop logging into WEBDAV
FD - 30 Jun 2006 12:18 PM - 2 messages
Hi, I have a curious problem that I hope someone can shed some light on.  The log below shows a domain laptop logging in to our webserver's webdav. This incident occurs after business hours. The bad news is it is my laptop's IP ...
Score Can i make personal ssl cert from verisign's one?
heingray - 30 Jun 2006 7:36 AM - 5 messages
I tryed it until yesterday. I think i'm almost succeed. it's so easy. set openssl SSLCACertificateFile to verisign's one. cert tree appear to follow. VeriSign Class 3 Public Primary CA ---> [link] incorp.by Ref. LIABILITY LTD. (c)97 VeriSign ...
Score IIS on Vista & IISLockdown/UrlScan
Stephen - 30 Jun 2006 2:41 AM - 3 messages
Does anyone have any suggestions for what security steps need to be taken to secure a basic web server in Vista running ASP.NET 2.0 pages with some VB.NET?IISLockdown doesn't list Vista in supported products so am I right to ...
Score monitor access to docs on IIS
WES - 29 Jun 2006 2:41 PM - 2 messages
I have an automated job on an IIS 4&5  server that generates .pdf reports to users directories. The users each have seperate unique logins to their respective directories. The users logins ARE NOT Windows domain accounts. The user accounts are assigned through a ...
Score Filtering Query String
West, I - 29 Jun 2006 8:25 AM - 4 messages
Hi, I have a client site who runs IIS5 as his web server with Filemaker 6 as there backend database. There is a major security flaw with the Filemaker web publishing engine and with a simple url string (e.g. fmpro?-format=-dso_xml&-dbnames) you can then ...
Score Is there a way to avoid/security alert box from redirecting to HTTP to HTTPS?
Jayanthv - 28 Jun 2006 9:45 PM - 10 messages
I saw some questions and answers which says we cannot supress the security alert box when redirecting from HTTP to HTTPS? But i saw many sites are easily redirecting from HTTP to HTTPS without security alert box.. How can i code such that i should not get alert box from HTTP to HTTPS? ...
Score login problem with iis and webdav.
Allan Bentsen - 28 Jun 2006 7:16 PM - 5 messages
Hi there My setup is as follows. A Windows 2003 Server, IIS 6, WebDav, and a website (aspx/C#) A Windows XP Pro sp2 ie6 sp2. Problem: From a webpage it is possible to choose between opening a folder in a ...
Score IIS6 HTTPS POST not being returned to .ASP file...
Sean - 28 Jun 2006 3:39 PM - 4 messages
Using IIS6 on 2003 SP1.  What I am doing is submitting a credit card approval request to an HTTPS (ssl) site.  The response is being redirected to an .ASP file - which is set up to accept the fields being returned.  Problem is I ...
Score Can Somone Tell Me If We Have a Hacker?
razor - 27 Jun 2006 4:26 PM - 10 messages
Hello-- I am pasting an event log from our IIS/web server that repeats about 50 times every day during non-business hours. Our SQL administrator seems to believe that somone is trying to hack into our system via FTP. ...
Score SSL issue OWA 2003
The_Bar - 27 Jun 2006 3:41 PM - 3 messages
Dear Reader, I have installed an Windows exchange server 2003 with my own CA. I have made my own webserver certificate that will be used by OWA. Now I have one issue, when I connect to my e-mail using OWA I see at ...
Score A little help (kerberos, netbios, and SPN... oh my!)
Craig Carrigan - 27 Jun 2006 2:58 AM - 8 messages
I have a custom intranet that I have setup for our company.  The access is secured using IWA and when the site is access by server name (QSERVER\internal) the domain user's credentials are passed automatically and everything is ...
Score The IIS service does not seem to be serving up .asmx or .asp pages
idaliac - 27 Jun 2006 1:04 AM - 5 messages
Hope someone help me , The IE error that is presented is "Cannot find server or DNS Error" and t# Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status ...
Score IIS Access
phill - 26 Jun 2006 2:49 PM - 2 messages
Hello, We have had a request off developers to have access to some servers.  I can achieve everything I need by assigning a group to log on locally and Allow RDP.  This just allows them to look.  ...
Score IIS5: Renew certificate
Andrew Hodgson - 25 Jun 2006 10:24 AM - 4 messages
Hi, I wish to renew a certificate with IIS 5, but the provider of the new certificate should idealy be another issuer. If I follow the renew wizard to generate the CSR, will this work by sending the CSR to the new supplier, then installing the certificate? ...
Next » 2 3 4 5 6 7 8 9 10