Home All Groups Group Topic Archive Search About

IIS Security

microsoft.public.inetserver.iis.security
Score Restrict by UserAgent
Ed - 14 Jan 2006 9:22 PM - 8 messages
What was a "trivial occurrence" is now a cause for concern. We've been seeing increased activity which seem to be from  Java based crawlers/spiders/scrapers. User agent is of the form: Java/[various versions] Is there a way to restrict/deny requests by a specific useragent on IIS 6 ...
Score NTFS to secure directory in IIS6 not working as expected
Troy - 13 Jan 2006 2:45 AM - 2 messages
I am attempting to secure a directory off a URL (ex. [link] I have changed the NFTS permissions on the member (this is not a virutal) directory to remove my anonmyous user and ...
Score hardening web server
Bad Beagle - 13 Jan 2006 1:38 AM - 3 messages
Is there a standard security template that comes with IIS to harden it? Anythin like securedc.inf? ...
Score WSUS - Not Rebooting machines and resetting user profile
vehemeni - 12 Jan 2006 10:38 PM - 2 messages
We are using WSUS as well.  All of the updates since the WMF patches has caused some of our Windows 2000 systems to reset the user profile. For example, if my username is vehemeni, when the update finished it ...
Score Accessing from another domain
Claudio Schmid - 11 Jan 2006 7:16 PM - 3 messages
Hi All. Thanks in advance. I have two Domains, one "AM" and another "EU", I have a website hosted on a server on the domain "AM" called SERVER1, and the site called "Site1". I want thar users from "EU" domain can connect to the Site1,  but using ...
Score Pass through authentication
RaziLevin - 11 Jan 2006 7:00 PM - 10 messages
Hello, I was wondering how I could implement pass through authentication. What I need is to be able to programmatically retrieve a users password so that I may pass that information along to another website. Request.ServerVariables("REMOTE_USER") will give me the username how can I ...
Score IIS 6.0 Host Headers and Kerberos
Simon Jackson - 11 Jan 2006 6:56 PM - 4 messages
Hi I have two IIS Servers that are exhibiting the same behaviour one is IIS 5.0 (exchange) the other is IIS 6.0 (Sharepoint Services 2.0) My issues is that if I connect to either of these servers using anything ...
Score Change IIS user access from NT domain to AD
PaulSe - 11 Jan 2006 3:06 PM - 4 messages
We have migrated from Exchange 5.5 to 2003, creating a new AD for the users and mailboxes.  We have another server running IIS 5 that we controlled access to by setting up Windows authentication to the NT domain.  We are now ...
Score IP address and domain name restrictions behind a Proxy
Ben - 11 Jan 2006 2:00 PM - 2 messages
Hi all, We want to control access to different sites with “IP address and domain name restrictions” in IIS6 (2003 SP1) but ran into proxy problems. The server is hosting a Citrix Webinterface 4.0 website and all traffic is ...
Score IIS requires firefox to do basic authentication
strycat - 11 Jan 2006 1:41 PM - 3 messages
I've got this really weird problem... I have two directories on my server with very similar apps.  The index page of both, is a simple web form which submits some fields to an ASP script.  This script checks our database, validates the information, ...
Score Default Domain not working on IIS 5
David Parker - 11 Jan 2006 4:47 AM - 3 messages
I am setting up an ASP web site on IIS 5. To handle authentication, I check Request.ServerVariable("AUTH_USER") and send a 401 Unauthorized response if no user is authenticated. When the login box pops up, I want to specify the ...
Score How do I block visitors via referrer in IIS6 ?
Edwin Lau - 11 Jan 2006 2:56 AM - 4 messages
I was wondering if it is possible to block visitors coming from a particular website ? I want to be able to block via referrer links, if that is at all possible ? Thanks. Edwin ...
Score IIS6 Basic Authentication and Kerberos
pcarfan via WinServerKB.com - 10 Jan 2006 6:36 PM - 2 messages
Greetings,    I have a web site on IIS6 using Basic Authentication. The account used to access the site is a Domain Account on my Windows 2003 domain. The IIS server is a member of the Windows 2003 Domain. ...
Score Running a script from an ASP page
Hunter - 10 Jan 2006 3:20 PM - 6 messages
I have a batch file that moves files from one server to another, and I'm calling it from an ASP page using ASPEXEC.  It works when the app pool identity and the user on the site (or the credentials used for anonymous ...
Score Granting Access to intranet on IIS 5
Davey - 10 Jan 2006 9:55 AM - 3 messages
I have an Intranet running on Windows 2000 IIS 5 with FP2002 server extensions installed. What I need to do is restrict access to this intranet to only certain user accounts on our domain, not all domain users ! How can I best acheive this ?? ...
Score Private & Public Key Storage location
Vicky - 10 Jan 2006 6:46 AM - 4 messages
hi, when I configure IIS server on a windows 2000 or 2003 server to use the ssl protocol, I have to make a certificate request, during which a Key pair (public & private) is created. My public key is sent to the CA alomg with my certificate request which is ...
Score IIS passing internal IP in header
DRace1111 - 9 Jan 2006 7:27 PM - 4 messages
We have already applied the hotfix for IIS 6.0 that is explained in article 218180, and the server has been rebooted, but our server is still passing the internal IP address in the header info.  What could we be missing? ...
Score urlscan interpretation?
Vic - 9 Jan 2006 1:17 PM - 2 messages
IIS 5 - lockdown and urlscan installed on windows 2000 server.  New firewall put in place, webserver is on dmz and webserver is fully patched. I rec'd this in my urlscan log - can anyone interpret this for me? I've ...
Score Problem with IIS
Marco Pais - 8 Jan 2006 6:39 PM - 2 messages
Hello there. I am having a problem with my IIS. I have installed it, and then it worked until I restart my computer. When I try to start the service, in IIS mmc, I get this error: "Unespected Error 0x8ffe2740". ...
Next » 2 3 4 5 6 7 8 9 10