Here is a post I did to the webappsec mailing list which I is very relevant to this newsgroups. I also very interested if your comments about this issue. Dinis -------- Original Message -------- Subject: On sandboxes, and why you should care On 29/03/06, Andrew van der Stock <vand...more >>

I accidentally posted the following message in the ASP newsgroup, so I thought I would post it here as it probably belongs in this group instead. I have what I think is a simple question but I am finding nothing but complicated answers. I have a web site running on IIS6. One directory used...more >>

Hi, I'm trying to setup Communicator Web Access (CWA) on a server that is already running Live Comms 2005, Exchange 2003 & OWA. I have done a test install on a VMWare machine, got it up and running successfully. However now I am trying to do it on the live system, I can not get it working. ...more >>

Hi, any expert out there can advise on how to allow the iusr_servername to access a network printer? I have try the solution posted on KB to edit the hkey_users/.default..... setting, no luck. Please help..... I need the isur_servername to print to a printer link to a PC printserver. I have se...more >>

I am trying to set up a virtual directory that uses SSL (at the moment it just contains index.htm). Once all the various settings are set I can navigate to this page from within my network (but external sites produce a page not found error) If I switch off ‘Require SSL’ I can navigate to t...more >>

For some reason all of the BIN folder in any IIS virtual servers are being hidden automatically. I don't mean hidden from the .net application, but simply hidden. They are visible only via FTP or command prompt, but not explorer (regardless of folder options.) There have been no changes made...more >>

I'm trying to determine the best way to restrict access to static files in IIS6.0. From my understanding the recommended solution is to remove the extension from the MIME types in the IIS6.0 console. However testing has shown that you also need to remove these from HKEY_CLASSES_ROOT as well....more >>

The Brain Komar texts implies that the enterprise subordinate CA (i.e. issuing CA) needs to reside on the same machine as IIS. From a security perspective, this seems like a poor design. From a network standpoint, it means I have to support multiple IIS servers in my LAN. Neither is accep...more >>

IIS 6 Win2K3. I created a new virtual folder. That points to \\fileshare\myfolder. the virtual folder is set to use integrated windows authentication and the "connect as" is set to "Always use the authenticated user's credentials when validating access to the network directory." So.. I...more >>

Hello, We have three environments test, acceptance and production. On the test and production environment everything works fine, but acceptance is something different. So you should say make acceptance the same as test and production. So I did but it still doesn't work. When I open my webse...more >>

hi, sorry by my bad english in advance. Configured server with IIS 6 and one Certificate SSL in default web. All run ok. I need one .cgi of this web to run locally without SSL : Configured additional virtual web in the server for access locally without SSL to the website via http://loc...more >>

I have a webiste where the web master would like to have others download exe off the site. Righth now when I try to click on the link it will not download the file. If I chage it to a zip file it works just fine... Any thought or ideas Thanks, Brian...more >>