Hello I'm happy to announce that we (DDPlus) have just released the first stable version of our new Open Source Project: the Asp.Net Security Analyser (ANSA) Asp.Net Security Analyser (ANSA) is a Open Source, Windows based, online tool, that tests the server's security for known vulnerab...more >>

I'm having trouble signing into my net passport. I check to see if my caps lock was on. It's not. I've never had this problem before. I can sign in on the library's computer. ...more >>

Hello, I have just installed IIS5 from the WinXP disk as an additional component. When trying to access the default page at the loopback address I get a username/password box. After I enter a user (who I know is in the Admin group on the box) it rejects the attempt to login. I have the ...more >>

Our users login (authenticate using db query to an SQL server on .asp pages) to our website and from there they see links that they can visit. If you don't login, you don't see the links, just our intro page. The problem is, if you have the URL to the file, you can get there w/o logging...more >>

I keep getting mass emails from microsoft and they are taking space up in my email. Could someone please help?...more >>

I set up a couple pages using the NT challenge authentication (with user names and passwords of the domain). It's working fine until the system admin. people moved the web server behind a firewall. Now whenever I tried o access these pages from outside, it showed 401.2 error. Guess I need ...more >>

hi i am getting a message from my browser when i want to open a secure site "partnering.one.microsoft.com/mcp" the message is site is highly secure with iis and use ssl plese help me on this problem...more >>

Is there anyway to setup IIS5 or IIS6 so that they can receive SSL requests for different sites on the same IP. I develop several websites on a single developer server and have DNS setup so I can use the host headers and give my clients links to access the development site from the outside. ...more >>

How do I set up a website where users have to login using a standard ID and password?...more >>

I am running Proxy 2 on a Windows 2000 system. I installed SUS, Software Update System, from Microsoft. I locked down IIS as part of the installation, and now I can't get into the proxy setting within IIS. Is there a tool available to reverse the lockdown of IIS?...more >>

I know I have been Hacked. I am trying to see were the hole is Does anyone know what vulnerabilty this is and how to patch it? "Propfind /Admin$ 404 Microsoft-WebDav- Miniredir /5.1.2600" Right under that in the same log file "get /robots.txt -404 Mozilla/4.01 (compatible;+grub- clie...more >>

I just received the new patch from Microsoft, put when I tried to download, my Norton anti virus program detected the virus "W32Swen.A@mm" Has anybody else received this? Is it worth tring to get a non infected verion?...more >>

After setting up AD, I installed .NET 1.1 on the DC I am serving websites on. This machine runs W2k Adv. Server fully patched on IIS 5. Previously the .NET installation created a user called ASPNET (or similar) that one could give permissions to on directory level in order to serve .aspx...more >>

my internet connection keep disconnecting after 20 minutes. i have tried everything to change it and cannot find anything to help hope you can help...thankyou i have windows xp...more >>

Does anyone know how to programatically manage the Virtual Servers' Connection Control lists of IP address for Allow/Deny Access to connecting to the virtual server? I would like to programatically add and remove IP addresses from the lists. Using the property dialogs is very slow and te...more >>

I am in the process of moving my OWA to a new server. However, I cannot get my SSL certificate on the new box. I've tried using the certificates snap-in but it doesn't display the certificate that's opn the old server. I need to export it and import it to the new server. Am I missign somethin...more >>

Running IIS 5.0 on Windows 2000 Server. One domain. Cisco Pix Firewall. We have an INTRANET site that now needs to be accessed by employees OUTSIDE the the firewall (from home or home offices). We want to make those outside folks supply a password to access the site. The internal folks all ha...more >>

Getting this when I try to request a certificate. Any ideas?...more >>

All search pages are down except fot "almight search" which sucks. i have all the security updates and virus updates and i have no clue whats wrong. any ideas please email me at die_mose@hotmail.com. thanks...more >>

Over the weekend I have received over 25 to 30 emails telling me that they were updates for Microsoft. Most of the emails came in under different subject lines and different email address, none of them were being sent directly to my address they appeared to be being sent to an email list. Only ...more >>

My corporate IT just set up NAT and now I have to chnge my ip address for my site running ssl. Any problems doing this. I just purchased a new cert two weeks ago. Will I need a new one? Mike ...more >>

When I log onto a site that requires SSL, on certain computers the = little lock appears on the bottom corner of IE, on others it doesn't. = I'm logging into the web site and the site is a https site. The site = comes up with and without the lock in the browser. =20 Question is, am I still u...more >>

Sometime ago I made the mistake of allowing anonymous ftp access on a Windows 2000 server which quickly filled with bootleg videos, games, and porn. This problem has been fixed but the pirates left behind several files I can't delete. I get the following errors when I try to delete them. ...more >>

Does anybody know of a good Single Sign on ISAPI filter for IIS? I have multiple web servers hosting a portal site and don't want users to have to login to each one. I have seen the article that uses the redirection technique but for various reasons am not satisfied with that solution. An...more >>

Hi, I need some help about the topic... when doing GET or POST operations to a specific page on my server. All I get is a 302 message, what is not a problem, beside the fact that it is showing my internal network IP. In windows 2000 there was no problem with it, after installing a hotfix...more >>

Different site, different IP, different SSL, can it working on a single IIS5 machine?...more >>

I have a file on my computer called clientman. How do I delete this file ...more >>

I have recently had a malicious program invade my hosts file and is preventing me from accessing google or completing advance searchs on any other sites that revert back to google. If anyone else has encountered this problem and can offer a solution I would be very grateful. My kids u...more >>

I set up a virtual directory on my server. I set up a group called FTP to have full control of the directory. On the directory security tab in IIS for the virtual directory I set it to Basic authentication(yes I know it is only plain text) and set the main tab to read and write. For some re...more >>

how do i stop porno pop-ups on my computer....more >>

I am not quite sure what is wrong with my internet explorer, but everytime I open it random words are highlighted...is this a virus or a program that as "silently" been downloaded into my computer? Could you please help email me at: Stephers_77@hotmail.com ...more >>

Microsoft Client this is the latest version of security update, the "October 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help ...more >>

Hi. i=B4m using kerio personal firewall but i not know that=20 proces and ports use IIS for configure (create rules) my=20 kerio personal firewall. thanks and pardon me by my english....more >>

Setting the stage: Windows XP Professional IIS Installed VS.NET Installed All the latest Critical Updates Installed Ok, I'm logged on to my computer with administrative access, but when I access any part of the web site set to Windows Integrated Authentication only, meaning I remove access...more >>

Hello, Here is a thing. I been trying to figure this out for a while now and can't seem to find any documentations on this issues. I am trying to host multile websites using IIS 5.0. When I do I am creating IUSR_ accounts for each web site and regular user to administer that site. Now for exa...more >>

Hi, On Windows 2000, I use the following connection string in my ASP.NET applications: <add key="ConnectionString" value="server=(local);Integrated Security=SSPI;database=knowledge" /> I then created a login in SQL Server for the ASPNET/<machine name> user and assigned it to a WWWUsers r...more >>

Hi, Does anyone know how to use command line tool to configure IIS so that I can turn on the https connection for the directory security. Currently I have to manually use the IIS5 Service GUI to select "Require Security Channel(SSL)" on the Directory Security option. This is not feasible fo...more >>

Just tried to open LATEST NET PATCH from MS Internet Security Division. Will not open and all I get is a Norton Virus Alert about Object name "upgrade94.exe" with virus "W32.Swen.A@mm", "Cannot repair. Access denied." Is this a valid net patch or a new virus loose in the world or whatever...more >>

We have a web application on our web server that tries to access an MS Access database that is sitting on our file server. We have tried configuring the Anonymous User account as a domain account with the appropriate permissions; we have tried creating an anonymous account on the file ser...more >>

I am trying to get the Logical Disk Counters Object to show up in perfmon. When I install IIS 5.0 it gets removed out of perfmon. I have used the Diskperf -yv to get it back but will not work. I have SP4 on a windows 2000 advance server os. Any Ideas? ...more >>

Can someone help me figure out what virus this is? It appeared on a web page and instantly my Zonealarm and Norton AV shut down. I know I was infected with something but can't figure out what it is yet. Thanks. <script type="text/javascript"> function convertString2Unicode(s) { var...more >>

Dear Mr. Expert, First of all you are dealing with a computer challenged indivdual. So please alow me to simply state my problem. I do need some help and I am hoping you can help me.. The message I get is that an unknown person directs all search engine traffic yo http://64.191.59.85. The p...more >>

Hi, I have used Integrated Windows Authentication to secure a webservice. I have written a PDA application (runs on Pocket PC 2003 Emulator) which accesses this webservice. I have passed the credentials before invoking a webmethod. I get the following error: "The remote server returned an...more >>

This is a repost of a earlier posting ... Here the deal: As a serveradministrator, I want a frontpage-user to be able to access the server permissions interface (webbased in fp2002) for adding new users, disabling anonymous access to subwebs, configuring statisics etc. etc. - but I don...more >>

Consider the folowing actions: 1. User views a webpage on a client machine 2. He then modifies the content of the webpage using frontpage 3. He then publishs the page on the server. Is there a way to get notified on the server when the user performs any action? Can this event be handle...more >>

I have folders with unprintable charters where can I find more info to remove them....more >>

Hi there, I have a problem which seems to be the exact opposite of other Kerberos authentication problems I have read! I have an internal IIS 5.0 W2K SP4 server which is running a web site that ran just fine on IIS 4.0 and NT4.0. Basically I can only get clients to successfully retrieve inform...more >>

OK, this is such a wierd problem that I don't even know where to post this message. The problem is when a machine is part of our domain and then is taken outside our network (ie a laptop) we are not able to access our IIS servers by name (get a Page cannot be displayed). These servers are...more >>

I am trying to implement SSL on a site that has a Basic Authentification Login. When I connect to the 443 port, I get the NT Logon window.(basic authentication) The SSL secure icon is not at the bottom corner of my browser until AFTER I type in the username and password and am authentica...more >>

Hi, We are going to have our WEB server in house, We are using Windows 2003 Web edition. My question is, for security purpose, is that possible to have an internal IP address for Web server and not the public one, I mean for example on our email server, we only have one NIC with an internal...more >>

Hi i don't know if i am posting in the right area or not,but i will give it a shot. Question is i am getting pop up ads from interenet explorer even when i am not on the internet. Someone please tell how to fix this problem. Thanks...more >>

Hi, I am getting about 10 emails a day which I believe to be virus emails. I don't open them, just delete them, but is it normal to get so many? It's been going on for just over a week now. Most of them say they are from Microsoft, critical updates and patches, with attachments, but I know...more >>

I have got this configuration : 1.Windows 2000 server srvpk 4 + IIS 5.0 I have this problem : I can't show a page containig a file named pippo..jpg . this problem occours only in internet and do not occours in my intranet. ( 404 file not found ). Any suggestion ? Thanks . Filippo Espost...more >>

What anti-virus and firewall software is available for use with Windows Server 2003?...more >>

I've been tasked to come up with host based solution to protect ourselves against DOS, DDOS and other malicious attacks. Most the stuff I've been able to find about IIS and DDOS attacks state that you want to block attacks like this at the network level, not at the host level, but we want an add...more >>

I have two directories, one for people before they log in and one for after. The second is protected with windows authenticaton andusers need to be able to view the files in that directory. I don't want to give the users the windows account log in and password to get to that directory, so ...more >>

I am trying to change the path of a virtual directory on a remote server in an asp.net application. Code is: Dim de As New DirectoryEntry("IIS://clt- dev1/w3svc/1/root/participantweb") de.Properties("Path").Value = "c:\newdir" de.Invoke("SetInfo") The above code w...more >>

I have a calendar app that worked fine on a member IIS6 win2k3 server. After promoting the server to a DC, the CGI application is broken, and giving a 403 "not authorized" message. There is an app extension for the app, folder security has execute, and IIS mgr has the folder set to "scri...more >>

We have a Windows 2000 server with IIS running a specific application. The machine in question has a static IP and its name is entered in the DNS with an A record in the forward zone and a PTR in the reverse zone. When we first started working with it we were able to enter http://rec and the IE...more >>

After not being able to connect to the internet, my internet provider support person asked me if I have downloaded any new windows updates. After I said "why, yes I have, just the other day," he informed me that in doing that (after viewing the contents of 'security'), that I have lost the ab...more >>

Is it true that the server needs to be in a domain when just installing Certificate Services? I hope not. I would like to install the Certificate Service when my member server is in a workgroup first. Then once I join a domain I can configure( request and add certificate) it. TIA...more >>