We are running IIS5 in Windows Server 2000. Two days ago, a hacker managed to install a trojan on our server through IIS. I have run the IIS lockdown utility and besides automatic updates, I *manually* check for updates every other day, so I have the latest updates. How can I make 100% ...more >>

My Windows 2000 Server is behaving strangely. If I open the Task Manager, it immediatley closes. Same thing with RegEdit. Any ideas?...more >>

I have just installed a router and when I click on the Frontpage 2002 server extension settings ( in the properties of my default web site in the IIS services ), it now prompts me for a username and password. I have tried using a username that is part of the admin group, but it won't work. And ...more >>

It's got to be something simple but I just can't see it. I created a dirtectory and copied an existing web site over to it from another machine deleting out all the non-content files and directories; then I created a web and enabled anonymous access using IIS properties for the site on a win ...more >>

HELPP!! everytime I connect to the internet, 3-4 minutes later, I get disconnected automatically, then reconnected using some x-rated dial-up setting that is installed automatically to connect to some x-rated server. I need help urgently thanks...more >>

Hi, It's been awhile since I've gone down this road, but I just installed a clean installation of Win2K Advanced Server with IIS5. The Windows CD was an SP3, and the web server machine is configured as a standalone server (no Active Directory, no Certificate Service). I am setting an SSL w...more >>

If I give IWAM and IUSR accounts full access to a folder and database on our intranet and that same server is used as our WWW server, will the outside world have access to that folder and the database? Tim ...more >>

I have a windows2000 server with IIS5, there are several site configured and all work fine; Now i want that one site is on HTTPS protocol. I have followed all the indications that I have found on this newsgroup and on the net: request for certificate, generate a certificate, install the certifi...more >>

How do I prevent a web site from hijacking my default start page on the explorer brauser?...more >>

hi we have some folders with member logins i have defined a new user called "member" and saved the password as "reversed" (found under account options) then i have ticked in IIS security the folder "member" as: - windows authentication - cleartext - digest (all 3 boxes) it works p...more >>

I have created a web service and deployed it on IIS 6. When it uses the DefaultAppPool I can connect to it fine when I have set the web service to use windows authentication. I need to set the web service to use a different app pool though, and when I do, I get a 401.1 error 'you anre not au...more >>

Hi is it possible to set settings under "Directory Security -> IP address and domain name restrictions" with vbscript I want a user to enter his internal ip-range in a hta file and then a script should set the settings for some virtual directories. I didn't find this in the iis scripts under c:\wi...more >>

IE Basic Authentication has always had some kind of quark and it seems the quarks has either gotten worst or Microsoft is now forcing some behavior change "issue" on people. In short, it is so time consuming, with little input directly from the horse's mouth, to try to understand Microsoft's v...more >>

I got this message, and I would like to know if this message is really from Microsoft, or if this is a trap. To scan for some parasites, I went to www.doxdesk.com/parasite and it did not find anything in my computer. Please advise. Can you send me a note back to my e-mial? I am not sure how...more >>

What do I have to do to enable a Web Service in IIS 6.0?...more >>

I am setting up a simple single ftp and website on my DSL- connected (static IP) W2K Workstation Pro using IIS 5. I will have all service packs and security hotfixes installed and will use Windows Update to dynamically install any new critical updates as they appear. I intend to follow th...more >>

I am having a problem on Windows 2003 Server. On 2000, I could have a multi-homed server, as long as I only had 1 SSL per IP. ie: port 443. If the certificate was assigned to https://secure.foo.com, it works fine. If I go to a multi-homed site, on the same IP, but NO SSL included, and I ...more >>

hi; i got a few websites on a server and they all seem to work ok. I have now configured a login for a certain "safe" area; and did this by adding a user in the user manager of the domain; and by changing the permissions to CLEAR TEXT (and desactivating anonymous access) This all works ...more >>

I have setup 1 web server using 2003 and installed a SSL certificate, all appears okay. The ssl certificate is only for the /internal area which is on our internal server. Users are able to login but are continously prompted by the system to allow non-secure items, I understand is it possible to ...more >>

I've asked in another post a more detailed question about IIS6 communicating with SQLServer 2000 when the two are on different servers, but it occurred to me that I may have a very basic misunderstanding about Windows Integrated Security in an internet scenario. When we allow anonymous ac...more >>

I've asked over on sqlserver.security and am hoping for some additional guidance here, because we're not out of the woods. We're using Win2003 server and ActiveDirectory. We want to run SQL2000 on Server1 and IIS6 on Server2. The IIS on Server2 is for Internet access. Server1 also has an IIS...more >>

I have inadvertantly downloaded an annoying programme which keeps trying to connect with pop-up ads whether I am online or not-it is becoming extremely bad as it is interupting alot of work im doing and games that I play. I have no idea how to find this thing and it doesnt seem to show up ...more >>

I've got a problem with local IIS. After first try to connect http://localhost/ IIS stops. In the event logs I see many messages like ************************** A condition has occurred that indicates this COM+ application is in an unstable state or is not functioning correctly. Assertion Fai...more >>

We are running SQL Server 2000 and IIS 6 on separate machines. We are building an intranet application and want to use integrated Windows authentication in order to identify the users and validate them in SQL Server because their security role determines what they can do in the application. We hav...more >>

My administrator installed a certificate for SSL on the default site, but now there we have a second site using port 81. I can't access it using https. Can SSL only use the default site?...more >>

I tried to send an email to a recipient that was rejected by my server as invalid. Fine, but now the error message pops up allthe time and I cannot get rid of it. Any suggestions? Thank you....more >>

I have gone to the internet options and deleted all the cookies and temporary files that i have. I have gone to the control panel to the internet options menu and tried changing the security settings in the advanced icon. And i even tried to download the internet explorer again to replace this one t...more >>

For the first time ever I've encountered something on the internet that really disturbs me. I was jumping around on the net and when I finished I logged off , as usual, and shut down. The next day when I tried to log on again ----- instead of my usual browser(G...more >>

Hi I just installed CA to issue a certificate for my company local mail ser= ver. Now, when I aceess OWA web site, I get a warning that a certificate isn't signet by agency (because I generated the certi= ficate). When I click Yes, I get second warning saying: ''THIS PAGE CONTAINS BOTH SECURE...more >>

Users currently use HTTP to access Outlook Web Access. How can I setup IIS 6.0 to redirect the HTTP to HTTPS? (SSL has been enabled for OWA) Any help would be much appreciated. Thank you....more >>

Hi, first the facts. I have an iis 4 with active ssl (server and client have trusted my own root CA, that was generating my x.509 server certicate). So all will be fine ssl work, without errors or warnings. So now the same root ca generated a client certificate that the client has successful...more >>

http://www.525reasons.com/ #229 OTTAWA (AP) Stung by a pop quiz about foreign leaders earlier in his campaign, U.S. Republican presidential candidate George W. Bush has fallen victim to a foreign affairs prank. Canadians are chuckling over his on-air answer when a comic posing as a repor...more >>

I have a web folder setup on IIS 5 on Win 2K server. The authentication level is set to Integrated Windows Authentication, and I do not allow anonymous access. It wouldn't matter if I did, because the folder and it's contents have specific NTFS permissions. This has been working well for all...more >>

I had some group policy problems and my permissions got screwed up. Since then, none of my executables won't run through the website. I feel confident it is related to a local security policy preventing it from running but not sure which one it is and how to correct it, any ideas?...more >>

I have an ISAPI extension application. Usally we set application protection setting in IIS to medium. But in few machines we ae getting error(500). In such machines we need to set protection level to low. Please help.....more >>

I have got the "Default Web Site", Another Site created under the name say "Lotus" for example. This Lotus website is having a folder called Lotus1 which should be accessed by people over the Internet through Windows Authentication method. I have disabled Anonymous access to this site an...more >>

I have a question regarding using IIS to host a Intranet site for my company. I am wondering how I could use our Active Directory to set permissions to certain sections (files and folders) in our intranet. I have fooled around with the file's security settings, allowing only 1 user to access it ...more >>

Today I have received an e-mail congratulating me on winning a very large sum of money in Euro's. It comes from a Jantent Van Hoornbeck of internation world gaming board from Hoens Garadus of Lucky Day inernational. Supposed to be selcted by computer ballott of Microsoft users. Do you know ...more >>