Aug 28, 2009
Following up on my last two blogs, we continue to notice that folks have difficulty properly configuring IIS in a secure manner, because they tend to over-open the security of their system, giving privileges to both the "request identity" and the "process...
0 comments
Tags: Securityprocess model
Jun 25, 2009
Last week I posted the following blog which showed how to use Process Monitor to troubleshoot service startup issues. http://blogs.msdn.com/webtopics/archive/2009/06/16/troubleshooting-service-startup-issues-with-process-monitor.aspx To continue on that...
9 comments
Tags: IISHTTPIIS6securityToolsAccess DeniedAuthentication
Jun 16, 2009
Many things can cause a service, like IIS’s World Wide Web Publishing Service, to fail on startup. When troubleshooting such an issue, Process Monitor can be an invaluable tool. What Process Monitor does is monitor all File and Registry access on the...
1 comments
Tags: IISIIS6securityLoggingTools
Jun 08, 2009
Dynamic IP Restrictions (DIPR) was created to give users a tool to help mitigate the effects of DOS attacks and certain brute-force password breaking attempts. The Out-Of-Band (OOB) feature description is (perhaps more elegantly) outlined on this page...
2 comments
Tags: ExtensionsSecurityIIS7IIS News ItemIIS 7Microsoft
Apr 28, 2009
This topic has been covered many times both by Microsoft and non-Microsoft employees. However, I’ve recently been asked what the main features of IIS 7 are and have seen a great deal of misinformation about IIS security on twitter, blog posts and forums...
1 comments
Tags: PerformanceIIS 7InstallationApplication PoolsIIS 5.1IIS 6IISconfigurationLoggingURL RewriterSecurity
Feb 17, 2009
After sending an HTTP request to IIS, an Internet Explorer client displayed the following error message to the user: Bad Request Beginning in IIS 6.0, “Bad Request” errors are almost always returned by HTTP.sys, so the next step was to look in the httperr...
0 comments
Tags: HTTPsecurity
Feb 17, 2009
Today IIS team has released the Dynamic IP Restrictions Extension for IIS 7.0 - Beta. The Dynamic IP Restrictions Extension provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking...
Tags: OtherIIS News ItemSecurity
Dec 26, 2008
I was working with one of the customer on Urlscan and their requirement was to install Urlscan on Windows Server 2003 64-bit to hide Server's identity. Basically in Urlscan.ini , we can configure "RemoveServerHeader=1" to server's identity from HTTP Header...
1 comments
Tags: IIS7.0IIS6.0URLSCANSecurityTroubleshooting