I have been receiving three times a day for the last two weeks an email from security@microsoft.com with an attachment called ATT00005.txt (59B) with a subject that says "use this patch immediately !" and a text that says: "Dear friend , use this Internet Explorer patch now! There are dang...more >>

Hello Board: please read this as it is stated on the top of my pc screen. MICROSOFT INTERNET EXPLORER PROVIDED BY SAVEWEALTH. Was my IE,captured by some unknowns? How do I get rid of this SaveWealth attachment from my IE? It gives pop-ups,etc. Mic-Soft,gave me a case #,but never got back t...more >>

The Facts: 1. Windows 2000 Web Server 2. Windows 2003 Domain Controller 3. Web Server uses FrontPage server extensions 4. Have had the same problem with different web servers and domain controllers The Sad Story: We have a web site with two subwebs. One subweb uses basic authentication ...more >>

I am using IIS 4 on an NT 4 machine with SP6. All my users have to login using an NT account and password to get to my website. I have changed my administrator account name and disabled guest. Every couple of months I find that all my accounts are disabled. When I check the logs I can see ...more >>

Hi, I am experiencing a weird problem with IIS 5.0. I created a virtual directory under our primary website and only allowed access using Basic authenication. The thing is most users can login just fine but there are a hand full of users that can not login at all. I have tried changing ...more >>

-------------------------------------------------------------------------------- I have a third party program (CodeManager 2004) that uses javascript to open new windows to display information. I have the web site running but the buttons\tabs on the page that reference the javascript:Open Popup fun...more >>

I have set up secure web site using ssl using microsoft ca certificate. Trying to test on actual server. the web site is at address http://compucorp.dynalias.com and i have setup a new zone on the dns server on this machine to point to the ip address. If set web site non secure then eve...more >>

Hi, I have a website using Active Directory on Windows 2000 Server to authenticate users. I turn on local audit policy to logon events. I also use Cybersafe Log Analyst to give me a report of logins but here is the problem, my users share accounts to give them access to different parts of the we...more >>

We have an .ASP application running on an IIS 5 W2K Advanced server, and recently users in another fully trusted domain are getting HTTP - 500 Internet Server Errors returned to their browser when accessing the application. All users within my domain in which is the Domain that hosts the...more >>

Hi All, I am facing a challenge, the description is given below:- For website security, IIS should have "Integrated Windows" option Checked, Anonymous and Basic Unchecked and SQL to work in Windows Authentication Mode only. The implementation should comply with the Security Policy Gui...more >>

Hi, I want to restrict access to my web server by Directory Security IP address and domain name restriction. I have the range of IP address for example 192.168.1.0 to 192.168.2.255 how can I do that? I don't want to use the dialog box for obvious reason. ...more >>

Commencing today, 12/29/03, I have received a ton of pop- up ads that are defeating my Norton Internet Security system. Each of the windows has at the top: Specific Network AD - Microsoft Explorer." Has anyone been nailed with this? What's the fix?...more >>

http://www.securitytracker.com/alerts/2003/Dec/1008563.html...more >>

IIS with all the lastest updates/patches and some kid executes code on the machine, uploads an FTP daemon then and uploads 10gb of movies & games - he usually puts everything into iissamples. - its all in German!!! ...more >>

I want to set up several sub web pages on my server to only allow members in. How do I configure my server to allow that ? The OS is Windows 2000 Advanced Server. I am using IIS to host my page. Thank you in advance. ...more >>

There is something automaticlly adding websites to my favorites area on my start menu. I delete them one by one, but everytime I start my computer the sites are back. How do I find out what is doing this so I can delete it?...more >>

Hello can sombody help me configure my server to lett my costumers to use the CDONTS to send mail. Here are my questions 1) Can they send mail thru the smtp server os must i configure it to use a smart host ( my mail server). 2) i have named my webserver web nad my dns server ns1 an...more >>

Hi, I've a problem and I guess it has something to do with IIS security. I've created an ASP which connects (from a win2k server) to an Access database on a NOVELL server. Every time the script results in an 80004005 Disk or Network error on the line where the connection is opened (cn.Open). ...more >>

I have some question about NTFS permission, I'm using W2k3 Standard Edition and PHP 4.3.4 1. If I do not add "IUSR_XXXX" user into NTFS permission, but I have "NETWORK" group which have "Read" permission instead, I can access to my website. So, is "IUSR_XXX" account is a member of "NETWORK" gr...more >>

Media Player, Netmeeting and possibly Outlook Express have no business being on a Locked-down windows 2003 Web Server used only to host web sites, yet I can not figure out how to un-install, or at least cripple, them. How do I do that? Thanks, Robert ...more >>

Hallo Liste, habe einen Win2003-Server mit IIS. Auf einem Verzeichnis habe ich die Integrierte Ameldung für einen Unterordner ausgeschaltet und Basis Anmeldung aktiviert. Im Dateiverzeichnis habe nur einem von mir angelegten User Zugriff auf diesen Unterordner erteilt. Das funktioniert s...more >>

I'm trying once again to set up IISADMPWD (.asp scripts) on a Win2k server. I've got an SSL cert for the web site, but permit browsing of the site via either HTTP or HTTPS. When (whatever mechanism is called into play and displays the IISADMPWD scripts) attempts to display one of the asp te...more >>

I need to put a password on my PC to prevent anyone from getting on it or at least getting on the internet. I am running windows 95. Please respond to my email harleyearl@cableone.net...more >>

I have been trying to keep my internet options content folder on Disabled and each time I shut down, it resets that folder back to enable. How can I permanently leave the content folder in the Internet options on Disabled?...more >>

Regardless of the settings I use for my web browser (MS Explorer) it continually rejects certain cookies required to perform tasks on eBay. For example, even with my Ms Explorer settings set for "accept ALL cokkies" it still will not allow me to perform such tasks as deleting "items for sa...more >>

Hi. What way can I enable collaborationt between IIS 6.0 application(ISAPI DLL Extension) and any decktop application (Win2003 EntServer). IIS 6.0 is in IIS 5.0 isolation mode (low level). This applications use DDE, Events, WM_CopyData, Map's for synchronization and data exchange. It was no...more >>

Hi, Using IIS6, I can browse web pages from the IIS6 box (localhost); but i can't browse same pages from computers inside our LAN. It should be some new security thing on Win2003. Anyone knows how to solve the problem? Any help would be apprecited, Ali ...more >>

We are a Microsoft shop here and we currently have two domains. Our user base is spread across our old NT 4.0 domain and some account are being migrated to our new Windows 2003 AD domain. I am needing to allow our remote users who use OWA and other web services here that require a NT login the...more >>

Here is the Error I receive The server was unable to logon the Windows NT account 'dealerschoice' due to the following error: Logon failure: unknown user name or bad password. The data is the error code. The user account dealerschoice is not on the machine or in AD, so where is it coming from? I...more >>

On Tuesday someone was able to install Apache onto our web server. They also install a mail server onto the web server. How can someone from the outside(internet) be able to install Apache and/or the mail server through our web server? The person install the mail server to use our web server send ou...more >>

We just implemented SSL and HTTPS is not work. Website works fine if using http. Https: server or DNS not found.. message. Thanks...more >>

I have a virtual directory that I do not want anonymous users to have access to, but the active x component in my app pops up a login box unless I run the virtual directory with anonymous access. Does anyone know what I need to do to make this work?...more >>

I have enabled SSL for IISADMPWD folder. when i try to change the NT password using OWA options i am getting page cant be displayed http error 500. But when I try from Intranet it works fine. I am using checkpoint as a firewall...more >>

My computer constantly locks up whereas nothing can be done on it for approximately 30 seconds every two or three minutes. In my prgrams list there is this program named mIRC, which is new and is something I did not install. I tried to uninstall it but I only get a message that it cannot...more >>

can you help...more >>

Delete iisadmin virtual directory is a problem or not?...more >>

I am running Windows 2003 with Exchange 2003 and my problem is with OWA. I have opened a port on my firewall other than port 80 for OWA. I then changed the default web site to use the same TCP Port, but I can't browse to OWA on that port. When I change the default web site back to port ...more >>

I have ASP pages using ODBC calls to connect to a separate server running SQL Server. When upgrading from Win2000 to Win2003, the pages broke and I am getting errors of unable to find page. The DSN for the ODBC works correctly, but the ASP pages are not able to display correctly. Is t...more >>

I recently had a security audit on one of my web sites running IIS 5. Two issues were highlighted surrounding SSL: 1. the server supports 40-bit and 56 bit ciphers 2. the SSL version 2 protocol is supported. I've been asked to investigate whether we can configure the server so that these ciph...more >>

I know this isn't the front page news group, they just weren't able to help me there and suggested I try another newsgroup ... so I'm trying here, because I think it is an IIS security issue not resolving, although I could be wrong. I have several different sites on my web server (server ...more >>

I have a VB application that FTP's information to the IIS server. VB then uses the XMLHTTP object to instruct an ISAPI extension to import the file into a SQL Server database. VB code looks something like this. Set objXMLHTTP = CreateObject("Microsoft.XMLHTTP") objXMLHTTP.Open "GE...more >>

I've been scouring the groups for resources and information on how to programmatically bind a server certificate to IIS 5.0 on Win2K. I've found the following article (http://groups.google.com/groups? q=IIS+certificate+programmatically&hl=en&lr=&ie=UTF- 8&oe=UTF-8&c2coff=1&selm=GRrWihEUCHA....more >>

All: I'm using an application called Workgroupmail, it's a mail server application. It has a Webmail package that integrates into IIS as a Virtual Web under the default web, it uses ASP. I can browse the login page, and compose message page. However, when I attempt to SEND mail, I get the f...more >>

I am using a code in ASP that uses a Java class. I am using GetObject("java:MyClass") to get the object of that class. It was working fine, But now we have shifted to Windows 2003 server with IIS 6.0. Here it doesn't works. It gives me an error with code '800401e4'. I've read somewhere it ...more >>

Hi, Does anyone know what kind of attack is this and how can be prevented? IIS servers will not be able to serve any other pages for the time when this attack is active. We use UrlScan and we have IIS 5/6 patched with latest security patches. However from IIS logs I can not see much abou...more >>

BufferShield is security software, capable of detecting and preventing attempts to execute code on the stack and the heap memory area, in order to stop the exploitation of buffer overflows. It is a very useful addition to Windows Update, minimizing the risk of unresolved security exploits, cause...more >>

I was running a search on my computer and I noticed that it saved my search on the autocomplete. I found out how to do it so that it doesn't show the autocomplete. But I want to know how to erase everything that has ever been searched so it doesn't come up any more. Thank you...more >>

When I was running a search, I noticed that it saved the thing I searched for. I found out how to turn off the autocomplete, but can someone PLEASE tell me how to clear the autocomplete list....more >>

My IIS 6 on Server 2003 worked fine for a month. Then, all of a sudden, it began prompting for a user ID and password and no id password combinations worked, including the admin. The system had not been touched for 3 days prior to this beginnning to happen. The logs show a 403.3 and 403.5...more >>

I have an IIS server that has thousands of folders and files that have been posted by a hacker. I have tried taking ownership, forcing new permissions, cutting off inheritance and am unable to move or delete the files. I ran The Checker to scan for trojans and backdoors, but it found nothi...more >>