IIS Security

I have IIS 6.0 Win 2003. Most directories in the web use MS default permissions for IIS 6.0 , the relevant ones of which are USERS (Read & Excecute, List Folder.., and Read) and the Internet Guest Account server ...

Hi, I have an asp.net 2.0 Intranet app that is installed to a Win2003 Server running IIS 6.0.  This production server also hosts asp.net 1.1 apps also.  I isolated the two into separate application pool on the ...

Is there a security risk of patching my web server via microsoft update while the websites are running?  Or should I shutdown IIS prior to doing this?  My thought is I could update the server and schedule aq reboot t a later time. ...

hi there, i need some urgent assistance, we've installed win 2k3 standard edittion and only .net 1.1 service pack, but when ever we access our site a window pops up asking us the user name and password, we give the administrator user name and ...

Hi. I need to disable the SSLv2 protocol, and am having problems.  I have followed the instructions in Article ID : 187498 re: the registry modifications, but when I re-scan my server, it still shows SSLv2 as a vulnerability. ...

Hi, I'm having an issue with a self signed certificate.  If I import it via the "certificate" mmc, into the "Personal" store of the Local Machine store (or "user", then move it to "local machine"), then select it for use with a site the SSL does not work (connection drops ...

I've winxp sp2 with IIS 5.1. I want to enable basic auth: on my virtual website which is redirecting to a diff: URL. Currently the fwding of url works without asking any usrname/pswd even though Anonymous is disabled and ...

Windows Integrated authentication works great, but when it fails (because the user doesn't have the site in the intranet sites for example) they are prompted for credentials.  Unfortunatly, instead of defaulting to DOMAIN\ it is COMPPUTER\ and of course that never works. ...