After I started getting parasite ads every time I ran my IE browser, I downloaded Ad-Aware on April 10, ran it and eliminated some 80 objects that it decided were spyware. Right away, I noticed on the next cold boot that my IIS service didn't start up, and worse, when I tried to start IIS in Wi...more >>

the other night, I forgot to turn log off of my computer, and I didnt turn it off either. The computer was on all night and hooked up to the net. Well today, I tryed to access sites on the net, and this web site keeps comming up, instead of the site I typed in. It wont let me access any ot...more >>

I have a W2K Server with IIS 5. I have set up a site for a friend and I need to give him access to publish to and edit his site. What do I need to do to create an account that ONLY gives him access to his site and NOTHING else? I saw the 'Web Site Opperators' section in IIS and I added his logi...more >>

What do I do?! It ALWAYS get the same info...i need accesssss!! HELP PLEASE...more >>

Does anyone know why my IIS server log is giving me the message below? I assume for some reason iis is stopping. Any idea, Sha #SubComponent: Process Accounting #Fields: date time s-event s-process-type s-user-time s-kernel-time s-page-faults s-total-procs s-active-procs s-sto...more >>

I think someone might have cracked my username and password in person on my desktop pc while I was gone. How can I tell? What does NT AUTHORITY\SYSTEM mean? Help!!! Tracy...more >>

I support a web based application which uses dots in the filenames of very long filenames. These filenames are randomly generated by users so its not predetermined when they will occur. If the name defined by the user is over 20 characters long, then our software will truncate the filena...more >>

We're using self-issued server certificates to implement SSL. We've created the page to add the CA to IE's Trusted Root CA List (http://support.microsoft.com/default.aspx?scid=kb;EN-US;297681) and want to substitute this page's url in place of the Security Alert popup to make it easier for the user...more >>

Hi: I have, what I hope, is a simple problem that is driving me crazy. I have an NT 4 domain structure that trusts (two way) with a Win2k3 domain. Under IIS 4 and IIS 5, one could configure Basic Authentication's DefaultLogonDomain with a "\". This setting would cause the client to loo...more >>

I recieve an error message "an error occured copying some or all of the selected files" while copying files to a Web Folder using webdav over SSL. It does not seem to make a difference what file types or sizes I try to copy. The sizes range from 2kb to 80kb. I have tried pdf, txt, jpg. The er...more >>

IIS Best Practice I am building an intranet server within our environment. I would like the user to use the anonymous login. The question I have is the account used for the anonymous login. Should the IUSR_USERNAME reside on the domain or on the local server. Are there any security ...more >>

hi i renamed admin account gave it a strong password now, i go to create a custom web anonym account then, should i delete old IUSR account or should i disable it ? -- atte, Hernán Castelo UTN Buenos Aires .. . . . . . . . . . . . . . . . . . . . . . . . . . ...more >>

I recieved a SSL cert .pfx file; the original IIS server was version 5, mine is version 6, I was unable to install it on the IIS6 server, but I was able to install on another IIS5 server. Does anyone have information on migrating SSL cert between IIS5 and IIS6? Thank you very for your tim...more >>

I have a 2003 server running IIS 6.0 with a Virtual Directory to a UNC Share on another server in the domain. The share permissions and the NTFS permissions are set, for the proper users. The Virtual Directory is set to use the authenticated user. I have windows authentication checked and anonym...more >>

I am running IIS 6.0, and noticed that when I put in the url http://www.xyz.com/dept-somewhere it gets automatically converted to http://www.xyz.com/dept%2dsomewhere if I put a trailing slash, it doesn't change the url. Is this a security feature? Can it be turned off? Rich ...more >>

If I'm running ASP in native IIS 6.0 mode, my understanding is that I only need to give IUSR and Network Service rights to folders appropriate content and system folders. I always thought that unless I explicity changed the Identity to IWAM for the Application Pools, that ASP would use the Netw...more >>

Hi, I needyour help.Its urgent. My main aim is to log the site activities in a database at runtime. I'm using W3C Extended Log File format for logging information. I can use ODBC Logging directly but I want cookies in place of IP Address. And Cookies are available only in W3C Extended log...more >>

Before you post a question to a Microsoft.public.*.security newsgroup, note that your question may already be answered below: Answers to Top Frequently Asked Questions: http://securityadmin.info My question is not mentioned below. How do I get an answer immediately, with no waiting? http:...more >>

Hello I have very interesting problem and i need to your help again. : I have server with WIndows 2003 server Web Edition + several web site, that work correctly with anonimous access. Now i try to set up new site and i can't browse normally. Anonimous access is allowed, NTFS permission are ...more >>

Hi I am running IIS 5 on a W2K server and AD. I have looked at the postings and tried a few suggestions but to no avail. My problem is when I try to browse the default web site it asks me for a user name and password. I have given the Local Admin username and password and also the AD...more >>

Hi All, I created a certificate using SelfSSL (by IIS). I was wondering where does the *.cer resides. Please help. Thanx. ...more >>

How do I change my 52-bit connection security, to a 128- bit connection security??...more >>

Hi, I want to ask,if anyone knows how i can enable or disable the question that Windows appears when you try to rename or delete a file : "Are you sure you want to delete the file ? " I want to delete or rename the file ,without Windows asking me all time. Is there a way to accomplish that...more >>

Hi, I have a setup of IIS 5.0 on a Windows 2000 server. I have created a = web site to run under Windows authentication. The default asp in this = site accesses active directory objects. Now I want this setup to support = delegation, so I have trusted the computer account of the IIS server f...more >>

I have IIS 6.0 with a new website and setup with Intergrated Authentication and NTAuthenticationProviders="Negotiate,NTLM". What SPN, Delegation in Active directory and/or setting need to be in place for the client to use Kerberos. The client keeps negotiateing to NTLM. This is what I have done ...more >>

Hello, I am trying to run a PHP/MySQL application on Win2k3 using IIS. PHP runs fine, but when it tries to access the MySQL client library it spits out this error: Can't create TCP/IP socket (5) What does this error mean? I have IIS running with the IUSR account. When I change it to...more >>

We are using IIS 6.0 to run an ASP application. When trying to access a Crystal Server Page (.csp) which is used to process certain Crystal Reports methods, the following error is returned: HTTP Error 405 - The HTTP verb used to access this page is not allowed. Internet Information Ser...more >>

I'm setting up IIS on W2K with Windows Integrated security. The passwords are not working the way it should or at least the way I would have expected. There is a single index page with various directories on the site. All directories, files and the index page have the same security. I acce...more >>

Hello I've got two SSL sites configured on my IIS server. The first has IP 192.168.1.2 and starts normal. However the second SSL site binded to another IP (192.168.1.5) doesn't start at all and gives the following error: Cannot create that file when that file already exists Have I overlooked som...more >>

my son knows my password to open my user account, he changed my pasword now i can't get in .......more >>

to microsoft this report information regarding the condition op pc doctor oncall will scan tell yours is have page error signature that contend c~documen"/pc/locals~1/temp/wec159.tmn.dir 00/appco/mpat.txt error splease sthanks yours ...more >>

I was browsing online and suddenly some website changed my home page to this weird one, and it added a whole bunch of "favorites" and desktop items to my computer. I cant change my homepage, the new one is called www.motor- search.com Please Help i will appreciate it so much...more >>

i need books/tutorial for instlling/configure SSL on IIS. any links? thanks. ...more >>

hi,EVERY time i start my comp.my activity log shows under unknown activity that site 255.255.255.255 is hitting my port 61112 2 times per minute constantly while comp. is on.the remote port automatically changes one number each time.have used visual trace and found this site is internet as...more >>

I would like your thoughts and impressions of the events of today and ask how you would handle this or if I am wrong and this is "normal" behaviour for a web provider and IIS. I am normally a vb.net windows programmer but I needed to do some web work that involved web pages and data access. I ...more >>

Can someone please help me? I cant access secured sites. It tells me that I'm unauthorized to view this site and gives me the error Http 403 Forbidden. Can someone help?...more >>

i can't get rid of the porno spam even using norton/mc afee. only want to recieve messages from people in my address book. how do i do this?...more >>

Hello, We need to set up WebDav for our developers. Could anyone guide us to a white paper or other resource on how to do this properly and securly? Thanks a lot! ...more >>

I have my home page locked (or it was locked) on a safe site. Example MSN or Yahoo. I have clicked on apply and OK. I have even installed SPYBOT and have used the advance mode setting and clicking the appropriate area that will not allow my home page to default to another. (area is g...more >>

Greetings We are using a .NET application to connect to authorize.net. When first doing this, we were getting the following permissions error. "Unable to find an entry point named EnumerateSecurityPackagesW in DLL security.dll" To fix the issue, I added the ASPNET user group to the f...more >>

I want to make use of msxml2.xmlHttp to pass sql statement to Sql Server through IIS. It has no problem if I use http. However, when I try to use https to do the same thing using https, vb propmts a run-time error "Method 'send' of object 'IXMLHTTPRequest' failed. What did I misconfig? I con...more >>

we all know that this is dangerous right!! iam a newbie with the terms directory traversing and directory browsing. Although i know ( ithink) what these term mean, but enabling parent path allows a user to do which one exactly also if i have a lot of code which has used "../" and is currentl...more >>

Can you export a Server SSL certificate using another server's IIS manager?...more >>

Hello I have a 2003 server box with IIS 6. While logged on to the machine with an admin account, I am prompted for to log on whenever I try to access http:\\servername. If I enter my domain admin account, I can't get through even though the account is in the local admin group. After entering the...more >>

I have converted our production server to 2003 Server and have one website that is giving me fits. I am getting the following error on a CreateObject("scripting.dictionary") command. The error is Server object error 'ASP 0178 : 80070005' Server.CreateObject Access Error The call to Se...more >>