Win2k3/IIS6 I would like to disable the file system object for some of the sites that im hosting on my server for security reasons, so this shouldnt be a server wide solution. Id appreciate any pointers,...more >>

We have an IIS 6 server that we recently installed. Everything is working fine and I wanted to enable SSL for certain webpages that will be available over the Internet. We have an Enterprise Root CA in our Domain, so I just went to the IIS server, went through the wizard and created the ...more >>

What is the difference between ver. 5 on Win2k server and ver 6 on XP Pro and can the Win2K version be upgraded? thanks -- And if you have time, check out my new website: http://hyman.sytes.net ...more >>

I am having trouble with internet explorer. Whenever i right click on a web page (any web page), the drop menu gives me a shortcut to a site that i do not want to be accesible to anyone. Does anyone know how i could DELETE the shortcut on the drop menu? please contact me at: Sherbopl...more >>

recently we have been unable to access our credit union information. a 128 bit version -SSL128 version is required. where do we go to get this updated version?...more >>

I want to clear all previous searches from my search button? thxs ...more >>

I have spent considerable time downloading updates but they wont install...any suggestions...more >>

I have downd loaded updates but they will not install...more >>

Hi all, I have a web server with a default web site that works fine. I added a new site, same IP and different port (81). The second site works fine (http://domainname:81/directory) until I try to install SSL on the second site. I set up a certificate server, requested a server certificate o...more >>

I am using Windows 2003 with IIS 6.0 and am trying to lock down one folder of my web site. I have gone into IIS then properties of the folder and select Directory Security. I removed the "Allow anonymous connection" and checked "Digest authentication for Domain servers". This allows m...more >>

Platform HP Proliant ML 530 Windows 2000 Server SP4 Exchange 5.5 SP4 Anyone have any information on this error: Event Type: Warning Event Source: Schannel Event Category: None Event ID: 36872 Date: 2/26/2004 Time: 9:28:39 PM User: N/A Computer: COMPUTER NAME HERE Description: No ...more >>

Has anyone adjusted their SSLv2 ciphers for IIS 5.0. The link below is a how to but it is very unclear about which ciphers and what steps should be followed. The issue became apparent after a Nessus scan http://support.microsoft.com/default.aspx?scid=kb;en- us;245030&Product=win2000 W...more >>

Hi, I'm having a problem with IIS in that I can't get it to feed a web page to my browser. A few points: I'm using XP Pro SP1, I installed IIS from with control panels. I'm not really sure where the source file should be now that I've enabled IIS though so this is problem 1. I see mention ...more >>

This is a copy of my class file.... Imports System.Collections imports System.Web.HttpUtility Imports System.Object Imports System.Data Imports System.Data.SqlClient Imports System.Data.SqlTypes Imports System.Management Imports System Imports System.ComponentModel Impo...more >>

I down loaded security updates and since I then I cannot open any attachments. A box comes up saying that OE has blocked the attachment. I know the people that these messages comes from and I know there's no danger in opening these attachments. How can I get my attachments back. I'm ve...more >>

Hi, we use Visual Studio.Net, SQL Server and Windows 2003 Server. It has always been no problem to debug ASP.NET applications through IIS under Windows 2000, but now only works if we give our developers admin rights on the server. The developers work directly on the server through windows ...more >>

We host about 5000 web sites for our students and currently use FTP for them to post their sites. What is the general consensus of webdav vs. ftp in regards to security?? I know ftp is poor due to clear text limitations. Does webdav introduce new security/exploit problems? Performance problems...more >>

OK - I have IIS 5 on a member server. The files are set at the NTFS level to 'authenticated users' (RX) and the IIS folder is set to 'basic authentication' ONLY. I have SSL required for this folder. I am trying to allow only valid AD users to visit this page: 1) can a user whose account is ...more >>

Hi. I'd like to expose a few documents so that employees can very easily access them at home. My idea is to use iis and ssl. That way, the employees could just use their web browsers to get the documents, but still be sure the connection was secure. I do not want to pay a certificate author...more >>

We have an old NT4 server with a few hosted sites on. Im seeing in the security logs that someone is trying to log in (and failing so far) with existing FTP usernames. They havent figured the passwords yet so authentication fails. So somewhere, someone is able to get a list of ftp username...more >>

I am trying to figure out how to set up my internet explorer with a password so that it can only be accessed via password, how would I go about doing that?...more >>

How can I allow anonymous browsing and secured publishing using IIS 5.1 with FPSE 2002. The IIS properties for the WEB Directory are set to anonymous, the anonymous access settings are set to browse and I have set up a local user account created in XP as one of the WEB's administrators. T...more >>

I couldn't find one, but please direct me if a similar thread / group already exists. I am trying to configure an intranet site on a Win 2K3 server running IIS 6.0 and server extensions 2002. The site works fine, but I cannot configure the permissions in IIS as required. The desired situ...more >>

In my cluster of two, not NLB. I used IISConfg.vbs /copy to Syncronize IIS, but it appears to have taken the Machine-Specific info like AnonymousUserName and Pass in metabse also. Do I make IUSR a domain account that is the same on both servers Do I delete the password in the metabase? Will the...more >>

I was told to give permissions to the following special directories. Where are these located. I donot see them on my web server. Thanks for your help. Administrator and System full control CGI (Athenticated Users, execute only) SCRIPT (Athenticated Users, execute only) INC...more >>

We have a junior program developer who is creating .net web applications, we have IIS installed on his XP for him to test the applications. Currently he is set as power user/debug user/VS developer. We do not want to set him as local administrator, but it seems like that is only way he could access...more >>

Hi all, On my website I set up a admin area where users needs to authenticate to read pages. After authenticated user may choose an upload page where a file is imported to a specific directory. In 9 of 10 cases the WriteFile fails with permission denied because IIS uses the anonymous user to...more >>

Hello, I am running W2k3, Exchange 2003, 2 nics on one of our servers. I wanted to create another public website on that server. The web site works fine from within the intranet for machines logged into the domain, but is prompting for a user name and password from outside our network...more >>

Have many others noticed a slow, but accelerating, increase in the amount of WebDAV supporting verbs getting thrown at their IIS servers ? Over the past 4 to 6 months I have watched this, starting with an almost non-existent amount, but now in the past month it seems to have really accelerated....more >>

We have an application on our web server that recommends not running iis lockdown. How do I remove the following virtual directories manually: IIS Samples MSADC IISHelp Scripts IISAdmin Thank you. ...more >>

Hi I have IIS setup as https: for my intranet and it is working OK, but when I whant to enable access from the Internet or from another domain it gives me error, on the IIS server IIS subauthentication is not configured correctly on local machine, the anonymouse password sync feature is disabled...more >>

Can URLScan be used to disallow certain keywords in the query string? I'd like to disallow Select/Delete/Insert/Update for example. thanks, Chuck...more >>

I have a server running IIS 4. It has a certificate installed and is running SSL on one of my sites. If I am at a page (http) and I make a user authenticate (basic authentication) the password is sent in plain text. If I am at a page (https) and a user authenticates using basic is the p...more >>

In IIS 5.0 you could establish a default domain for Integrated Authentication to use. However, in IIS 6.0 you have to enable Basic Authentication to enable this option. I have done this, but I am still unable to login without using domain\password or username@domain.com. I have a Windows 2000 Active...more >>

Hello everyone, This is the last post I will make before I have to contact Microsoft support.I want to make Frontpage Server Extensions 2002 work with UNC shares in IIS 6.0 but there seem to be one issue or the other with it.Has anyone been able to make Frontpage Server Extensions 2002 work in ...more >>

Hi all, I look after an intranet site. Our server is Windows 2000 running IIS 5. Access to pages on our intranet has always been done using the Anonymous Account. This has now got to change so I disabled Anonynous Access and changed the permissions on the root directory to allow the group Domain Use...more >>

I have 2 sharepoint team services servers, running IIS as part of the install. Users connect fine when using the following format http://<server name>/<site name>. But get repeated prompt for login, without succes, and eventually 401.1 error, when using http://<dns alias for server name>/<...more >>

I am running IIS6 on a Window 2003 server. Have set NTLM as the authentication method, and the userid/password/domain prompt comes up nicely when try to access the virtual directory. Then we got an error 402.1 when internet users try to access our web, hence I change it to 'basic authentication'...more >>

I've got 7 gb of web logs (going back 2 years). Is there a tool that I can use to scan for security issues? The tools with which I am familiar tell me how the web pages are being accessed (the main purpose of the logs), but skip over anything they can't recognize. Any suggestions? // Ric ...more >>

Hi I am using ADsGetObject for collecting information about an IIS Server (using the IP Address) eg. ADsGetObject("IIS://10.10.10.15/W3SVC"). This results in "The object exporter specified was not found". The destination server's os is "Win 2003". Please let me know if anyone encountered this...more >>

What's the best practice for allowing users to upload data to www servers in the DMZ from the private network via Frontpage? Is there some sort of solution utilizing RADIUS? If so, how do you configure the Webserver to point to the RADIUS server? Or can you take advantage of RPC over H...more >>

I have an ASP application installed on a Win2003 Server with IIS 6.0 I have the IIS Authentication Method set to Integrated Windows authentication When I try to access the site from a remote computer I am prompted by a username/password dialog box. When I enter my credetials, I get the "HTTP Er...more >>

i received pictures of friends and received message that oe removed unsecure attachments. how do i go abount viewing photos. and what does the message mean....more >>

Hi Several people have posted to this newsgroup the followin problem: IIS 6.0 processes anonymous requests properly for severa hours but then begins to deny anonymous requests and requires password. In my case this happens right after an SceCli event "Security Policy in the Group Objects ar ...more >>

WHAT OF THE ODDS OF ACTUALLY HAVING YOUR IDENTITY STOLEN ON THE INTERNET?...more >>