HOW TO IIS -Security

Hi!! & Hello!!!

Well I have a server where I have hosted many sites on IIS 6.0. When the users I mean the public users (anyone from anywhere) if they go to their Start->Run-> from windows and type the IP address(for eg \\83.485.574.22) like this it opens up the default site with full directory view and ...with all the files and folders. write permission ..how can i stop this ??? i mean there is no security at all how can i stop this???

regards
Phil

Hi,
a) How do you know there is no security? Are you allowing anonymous access? Have you configured NTFS permissions to restrict which users can access the files?

b) Do you have WebDAV enabled in the Web Service Extensions list? They are accessing the site via WebDAV by the looks of it - if you have it enabled, you need to take additional steps to restrict who can view what. Otherwise disable WebDAV if you don't need that functionality.

Cheers
Ken

"phil" <philip.prabha***@gmail.com> wrote in message news:1148532255.803316.252990@j73g2000cwa.googlegroups.com...
> Hi!! & Hello!!!
>
> Well I have a server where I have hosted many sites on IIS 6.0. When
> the users I mean the public users (anyone from anywhere) if they go to
> their Start->Run-> from windows and type the IP address(for eg
> \\83.485.574.22) like this it opens up the default site with full
> directory view and ...with all the files and folders. write permission
> .how can i stop this ??? i mean there is no security at all how can i
> stop this???
>
> regards
> Phil
>

Hello
thanks for reply

a) How do you know there is no security?
Well, as mentioned earlier that anyone can access this domain from anywhere with read and write permissions...

b) Are you allowing anonymous access?
Yes this is a public website

c) Do you have WebDAV enabled in the Web Service Extensions list?
Well I'm new to this field so i don't know about this...well where can i get the info on my machine whether WebDAV is enabled???

regards
Phil

Ken Schaefer wrote:
> Hi,
>
> a) How do you know there is no security? Are you allowing anonymous access?
> Have you configured NTFS permissions to restrict which users can access the
> files?
>
> b) Do you have WebDAV enabled in the Web Service Extensions list? They are
> accessing the site via WebDAV by the looks of it - if you have it enabled,
> you need to take additional steps to restrict who can view what. Otherwise
> disable WebDAV if you don't need that functionality.
>
> Cheers
> Ken
>
>
> "phil" <philip.prabha***@gmail.com> wrote in message
> news:1148532255.803316.252990@j73g2000cwa.googlegroups.com...
> > Hi!! & Hello!!!
> >
> > Well I have a server where I have hosted many sites on IIS 6.0. When
> > the users I mean the public users (anyone from anywhere) if they go to
> > their Start->Run-> from windows and type the IP address(for eg
> > \\83.485.574.22) like this it opens up the default site with full
> > directory view and ...with all the files and folders. write permission
> > .how can i stop this ??? i mean there is no security at all how can i
> > stop this???
> >
> > regards
> > Phil
> >

"phil" <philip.prabha***@gmail.com> wrote in message news:1148542660.865052.202830@i40g2000cwc.googlegroups.com...
> Hello
> thanks for reply
>
> a) How do you know there is no security?
> Well, as mentioned earlier that anyone can access this domain from
> anywhere with read and write permissions...

How do you know they aren't sending credentials? Have you checked the relevant IIS logfiles?
> b)Are you allowing anonymous access?
> Yes this is a public website
>
> c)Do you have WebDAV enabled in the Web Service Extensions list?
> Well I'm new to this field so i don't know about this...well where can i
> get the info on my machine whether WebDAV is enabled???

Open IIS Manager. There is a node called "Web Service Extensions". Locate WebDav. Disable it.

If you need more help on securing IIS, I co-wrote a book with Bernard Cheah (another IIS MVP). You can order it from Amazon.com (or any other bookstore):
http://www.amazon.com/exec/obidos/ASIN/1931836256/adopenstati0f-20

Cheers
Ken

> regards
> Phil
>
> Ken Schaefer wrote:
>> Hi,
>>
>> a) How do you know there is no security? Are you allowing anonymous access?
>> Have you configured NTFS permissions to restrict which users can access the files?
>>
>> b) Do you have WebDAV enabled in the Web Service Extensions list? They are
>> accessing the site via WebDAV by the looks of it - if you have it enabled,
>> you need to take additional steps to restrict who can view what. Otherwise
>> disable WebDAV if you don't need that functionality.
>>
>> Cheers
>> Ken
>>
>>
>> "phil" <philip.prabha***@gmail.com> wrote in message
>> news:1148532255.803316.252990@j73g2000cwa.googlegroups.com...
>> > Hi!! & Hello!!!
>> >
>> > Well I have a server where I have hosted many sites on IIS 6.0. When
>> > the users I mean the public users (anyone from anywhere) if they go to
>> > their Start->Run-> from windows and type the IP address(for eg
>> > \\83.485.574.22) like this it opens up the default site with full
>> > directory view and ...with all the files and folders. write permission
>> > .how can i stop this ??? i mean there is no security at all how can i
>> > stop this???
>> >
>> > regards
>> > Phil
>> >
>

Hey Thanks man for the suggestion
After Disabling this it works better, if you have any suggestion..let me know..Meanwhile if u have any online site where i learn more about IIS security just past it across. Thanks once again

regards
Philip

Ken Schaefer wrote:
> "phil" <philip.prabha***@gmail.com> wrote in message
> news:1148542660.865052.202830@i40g2000cwc.googlegroups.com...
> > Hello
> > thanks for reply
> >
> > a) How do you know there is no security?
> > Well, as mentioned earlier that anyone can access this domain from
> > anywhere with read and write permissions...
>
> How do you know they aren't sending credentials? Have you checked the
> relevant IIS logfiles?
>
> > b)Are you allowing anonymous access?
> > Yes this is a public website
> >
> > c)Do you have WebDAV enabled in the Web Service Extensions list?
> > Well I'm new to this field so i don't know about this...well where can i
> > get the info on my machine whether WebDAV is enabled???
>
> Open IIS Manager. There is a node called "Web Service Extensions". Locate
> WebDav. Disable it.
>
> If you need more help on securing IIS, I co-wrote a book with Bernard Cheah
> (another IIS MVP). You can order it from Amazon.com (or any other
> bookstore):
> http://www.amazon.com/exec/obidos/ASIN/1931836256/adopenstati0f-20
>
> Cheers
> Ken
>
> > regards
> > Phil
> >
> > Ken Schaefer wrote:
> >> Hi,
> >>
> >> a) How do you know there is no security? Are you allowing anonymous access?
> >> Have you configured NTFS permissions to restrict which users can access the files?
> >>
> >> b) Do you have WebDAV enabled in the Web Service Extensions list? They are
> >> accessing the site via WebDAV by the looks of it - if you have it enabled,
> >> you need to take additional steps to restrict who can view what. Otherwise
> >> disable WebDAV if you don't need that functionality.
> >>
> >> Cheers
> >> Ken
> >>
> >>
> >> "phil" <philip.prabha***@gmail.com> wrote in message
> >> news:1148532255.803316.252990@j73g2000cwa.googlegroups.com...
> >> > Hi!! & Hello!!!
> >> >
> >> > Well I have a server where I have hosted many sites on IIS 6.0. When
> >> > the users I mean the public users (anyone from anywhere) if they go to
> >> > their Start->Run-> from windows and type the IP address(for eg
> >> > \\83.485.574.22) like this it opens up the default site with full
> >> > directory view and ...with all the files and folders. write permission
> >> > .how can i stop this ??? i mean there is no security at all how can i
> >> > stop this???
> >> >
> >> > regards
> >> > Phil
> >> >
> >

You can obtain the entire IIS Resource Kit from the Microsoft website for
free. Alternatively, there is the book I mentioned (it covers IIS security)

Otherwise, depending on your time, you can search the web for the equivalent content. But how much is your time worth?

Cheers
Ken

"phil" <philip.prabha***@gmail.com> wrote in message news:1148649040.533718.101610@i40g2000cwc.googlegroups.com...
> Hey Thanks man for the suggestion
> After Disabling this it works better, if you have any suggestion..let
> me know..Meanwhile if u have any online site where i learn more about
> IIS security just past it across. Thanks once again
>
> regards
> Philip
>
> Ken Schaefer wrote:
>> "phil" <philip.prabha***@gmail.com> wrote in message
>> news:1148542660.865052.202830@i40g2000cwc.googlegroups.com...
>> > Hello
>> > thanks for reply
>> >
>> > a) How do you know there is no security?
>> > Well, as mentioned earlier that anyone can access this domain from
>> > anywhere with read and write permissions...
>>
>> How do you know they aren't sending credentials? Have you checked the
>> relevant IIS logfiles?
>>
>> > b)Are you allowing anonymous access?
>> > Yes this is a public website
>> >
>> > c)Do you have WebDAV enabled in the Web Service Extensions list?
>> > Well I'm new to this field so i don't know about this...well where can i
>> > get the info on my machine whether WebDAV is enabled???
>>
>> Open IIS Manager. There is a node called "Web Service Extensions". Locate
>> WebDav. Disable it.
>>
>> If you need more help on securing IIS, I co-wrote a book with Bernard Cheah
>> (another IIS MVP). You can order it from Amazon.com (or any other bookstore):
>> http://www.amazon.com/exec/obidos/ASIN/1931836256/adopenstati0f-20
>>
>> Cheers
>> Ken
>>
>> > regards
>> > Phil
>> >
>> > Ken Schaefer wrote:
>> >> Hi,
>> >>
>> >> a) How do you know there is no security? Are you allowing anonymous access?
>> >> Have you configured NTFS permissions to restrict which users can access the files?
>> >>
>> >> b) Do you have WebDAV enabled in the Web Service Extensions list? They are
>> >> accessing the site via WebDAV by the looks of it - if you have it enabled,
>> >> you need to take additional steps to restrict who can view what. Otherwise
>> >> disable WebDAV if you don't need that functionality.
>> >>
>> >> Cheers
>> >> Ken
>> >>
>> >>
>> >> "phil" <philip.prabha***@gmail.com> wrote in message
>> >> news:1148532255.803316.252990@j73g2000cwa.googlegroups.com...
>> >> > Hi!! & Hello!!!
>> >> >
>> >> > Well I have a server where I have hosted many sites on IIS 6.0. When
>> >> > the users I mean the public users (anyone from anywhere) if they go to
>> >> > their Start->Run-> from windows and type the IP address(for eg
>> >> > \\83.485.574.22) like this it opens up the default site with full
>> >> > directory view and ...with all the files and folders. write permission
>> >> > .how can i stop this ??? i mean there is no security at all how can i
>> >> > stop this???
>> >> >
>> >> > regards
>> >> > Phil
>> >> >
>> >
>

phil wrote on 24 May 2006 21:44:15 -0700:
> Hi!! & Hello!!!
>
> Well I have a server where I have hosted many sites on IIS 6.0. When
> the users I mean the public users (anyone from anywhere) if they go to
> their Start->Run-> from windows and type the IP address(for eg
> \\83.485.574.22) like this it opens up the default site with full
> directory view and ...with all the files and folders. write permission
> .how can i stop this ??? i mean there is no security at all how can i
> stop this???
>
> regards
> Phil

A connection to \\w.x.y.z isn't going through IIS - that's a UNC path. Actually, it shouldn't show the default site at all - it should just show a list of the available shares on the machine on that IP address. If this is the case, you've got Windows file sharing exposed to everyone, and the guest account enabled with full permissions - this is nothing to do with IIS, and it means you've changed the default NTFS permissions in Windows and connected your machine to the internet with no firewall.

Dan

Hello thanks for reply
Can U please tell me how to rectify??? this problem??? I have checked the permission on wwwroot directory but guest account and everyone account are not given full permissions. only read is enabled??? how to get out of this problem.???

regards
phil

Daniel Crichton wrote:
> phil wrote on 24 May 2006 21:44:15 -0700:
>
> > Hi!! & Hello!!!
> >
> > Well I have a server where I have hosted many sites on IIS 6.0. When
> > the users I mean the public users (anyone from anywhere) if they go to
> > their Start->Run-> from windows and type the IP address(for eg
> > \\83.485.574.22) like this it opens up the default site with full
> > directory view and ...with all the files and folders. write permission
> > .how can i stop this ??? i mean there is no security at all how can i
> > stop this???
> >
> > regards
> > Phil
>
> A connection to \\w.x.y.z isn't going through IIS - that's a UNC path.
> Actually, it shouldn't show the default site at all - it should just show a
> list of the available shares on the machine on that IP address. If this is
> the case, you've got Windows file sharing exposed to everyone, and the guest
> account enabled with full permissions - this is nothing to do with IIS, and
> it means you've changed the default NTFS permissions in Windows and
> connected your machine to the internet with no firewall.
>
> Dan

phil wrote on 25 May 2006 02:23:39 -0700:
> Hello thanks for reply
> Can U please tell me how to rectify??? this problem??? I have checked
> the permission on wwwroot directory but guest account and everyone
> account are not given full permissions. only read is enabled??? how to
> get out of this problem.???

Well, if you really are getting Windows share connections rather than via IIS, you need to check the NTFS permissions from Windows itself, not the IIS manager. IIS is not being used, so your question is irrelevant in this group. And you really need to get a firewall in place, never expose a machine directly to the internet.

Dan

Hello
Well I feel we are missing out a point here... see when i \\x.y.z.y why should only my Default site should open there are so many other share which i have given??? and moreover i have not shared my wwwroot folder at all. so I need some help from you.

regards
Phil

Daniel Crichton wrote:
> phil wrote on 25 May 2006 02:23:39 -0700:
>
> > Hello thanks for reply
> > Can U please tell me how to rectify??? this problem??? I have checked
> > the permission on wwwroot directory but guest account and everyone
> > account are not given full permissions. only read is enabled??? how to
> > get out of this problem.???
>
> Well, if you really are getting Windows share connections rather than via
> IIS, you need to check the NTFS permissions from Windows itself, not the IIS
> manager. IIS is not being used, so your question is irrelevant in this
> group. And you really need to get a firewall in place, never expose a
> machine directly to the internet.
>
> Dan

Actually, there is one overall conclusion that can be drawn;
You are way in over your head. Unplug that machine and call a professional.

Seriously, that machine is probably already compromised and helping to make the internet a foul, spam-ridden place already.

"phil" <philip.prabha***@gmail.com> wrote in message news:1148556466.307189.174190@38g2000cwa.googlegroups.com...
> Hello
>
> Well I feel we are missing out a point here... see when i \\x.y.z.y why
> should only my Default site should open there are so many other share
> which i have given??? and moreover i have not shared my wwwroot folder
> at all. so I need some help from you.
>
> regards
> Phil
> Daniel Crichton wrote:
>> phil wrote on 25 May 2006 02:23:39 -0700:
>>
>> > Hello thanks for reply
>> > Can U please tell me how to rectify??? this problem??? I have checked
>> > the permission on wwwroot directory but guest account and everyone
>> > account are not given full permissions. only read is enabled??? how to
>> > get out of this problem.???
>>
>> Well, if you really are getting Windows share connections rather than via
>> IIS, you need to check the NTFS permissions from Windows itself, not the IIS
>> manager. IIS is not being used, so your question is irrelevant in this
>> group. And you really need to get a firewall in place, never expose a
>> machine directly to the internet.
>>
>> Dan
>
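
Ken's suggestion earlier in the thread to check the relevant IIS logfiles, as an added example that is not part of any poster's message: this script reads a W3C extended log, lists WebDAV and write requests, and reports which clients completed a write without presenting a user name. The log lines, paths and user name are constructed, and it assumes the log records the cs-method, cs-uri-stem, cs-username, c-ip and sc-status fields.

```python
# Verbs added by WebDAV, and the verbs that change content on the server.
DAV_VERBS = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}
WRITE_VERBS = {"PUT", "DELETE", "MKCOL", "MOVE", "COPY", "PROPPATCH"}

# Constructed sample log: documentation IP ranges, made-up paths and user.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-username c-ip sc-status
2006-05-25 04:10:01 GET /default.htm - 192.0.2.10 200
2006-05-25 04:11:17 PROPFIND / - 198.51.100.7 207
2006-05-25 04:11:19 PUT /upload.txt - 198.51.100.7 201
2006-05-25 04:12:40 PROPFIND / - 203.0.113.5 401
2006-05-25 04:12:41 PROPFIND / CORP\\alice 203.0.113.5 207
"""


def parse_w3c(text):
    """Yield one dict per request, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt rows
                yield dict(zip(fields, values))


def dav_findings(text):
    """Return (client, verb, path, anonymous, write_succeeded) per DAV request."""
    findings = []
    for row in parse_w3c(text):
        verb = row.get("cs-method", "").upper()
        if verb not in DAV_VERBS | WRITE_VERBS:
            continue
        anonymous = row.get("cs-username", "-") == "-"  # "-" means no user name
        ok = row.get("sc-status", "").startswith("2")   # 2xx, including 207
        findings.append((row.get("c-ip"), verb, row.get("cs-uri-stem"),
                         anonymous, ok and verb in WRITE_VERBS))
    return findings


def anonymous_writers(text):
    """Clients that completed a write without presenting credentials."""
    return sorted({ip for ip, _, _, anon, wrote in dav_findings(text)
                   if anon and wrote})


if __name__ == "__main__":
    print(dav_findings(SAMPLE_LOG), anonymous_writers(SAMPLE_LOG))
```

A 401 on an anonymous request followed by the same request with a user name is the normal authentication handshake; a 2xx on a write with `-` in cs-username is the case that means no credentials were required.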