Re: WIN2000 and IIS

From: Marc Fossi (mfossi@securityfocus.com)
Date: 08/28/01 

Date: Mon, 27 Aug 2001 16:21:18 -0600 (MDT)
From: Marc Fossi <mfossi@securityfocus.com>
To: Margaret CTR Rhodes <Margaret.CTR.Rhodes@faa.gov>
Subject: Re: WIN2000 and IIS
Message-ID: <Pine.GSO.4.30.0108271610050.8037-100000@mail>

I tested this here in the lab.

Fresh install of Windows 2000 Advanced Server onto a 5gig clean NTFS
partition. I accepted all the default settings. During installation,
when I was asked to select installation components, I unchecked IIS and
continued with installation.

After installation was complete, I checked Services and found no IIS
services to be installed or running.

To test a suggestion someone else had made to Focus-MS, I went into
Add/Remove Programs and selected Add/Remove Windows components. From
there, I went into the Networking Components list and checked COM Internet
Services Proxy. When I clicked Ok and was back at the top-level component
selection screen, IIS had automatically been checked off. If I attempted
to uncheck IIS, a message dialog popped up stating that another component
I was trying to install was dependant on IIS and listed COM Internet
Services Proxy as the component.

I don't believe that this is a bug or a vulnerability, just something to
pay attention to when installing any software or components.

Marc Fossi, MCSE
SecurityFocus
www.securityfocus.com

On Mon, 27 Aug 2001, Margaret CTR Rhodes wrote:

> This may be a subject answered in the past, but I haven't seen anything on it
> lately.
>
> Yesterday, our systems administrator, Mike Miller of RS Information Systems,
> loaded Win2000 on a server and deselected IIS. Despite this, IIS loaded anyway
> with no notification that the deselection had been ignored. He tried this a
> couple of times and our Incident Response team is testing it now. The only way
> he knew that it loaded was that he went in and checked the list of services--and
> there it was!
> Is there any information out there about this on any version of W2K?
>
> There were several people out there that may not have put the patch on because
> they deselected IIS--and then were hit with Code Red.
>
> Here is the configuration of the machine.
>
> It's a Gateway E-5200
> Processor - Pentium III 600 MHZ
> Memory - 256 MB
> Adaptec 29160 Controller
> Hard Drive - IBM DMVS 18.2 GB
> Nic - 3C905c
> Win2000 Basic
>
> Maggie Rhodes
> ISS Analyst
> RS Information Systems
>
>
>

Relevant Pages

  • Re: WinXP - Private SSL certificate cannot install?
    ... Next the Adminsamples in XP Pro is ... > Have removed and re-installed the certificate and also> replaced with another certificate without improvement. ... I> uninstalled and re-installed IIS hoping that it was a> faulty installation, but the directory is still missing. ...
    (microsoft.public.inetserver.iis.security)
  • Re: WIN2000 and IIS
    ... Subject: WIN2000 and IIS ... Fresh install of Windows 2000 Advanced Server onto a 5gig clean NTFS ... During installation, ... Services Proxy as the component. ...
    (Bugtraq)
  • Re: Cannot install IIS
    ... Well, surprise surprise, the script monkey was wrong. ... Other than drivers, the OS is box-stock. ... tinkering with IIS files, or removing the ones needed to ... complete the installation. ...
    (microsoft.public.windows.mediacenter)
  • Re: Cannot install IIS
    ... Just relaying something Dell Tech Support told me ... Other than drivers, the OS is box-stock. ... tinkering with IIS files, or removing the ones needed to ... complete the installation. ...
    (microsoft.public.windows.mediacenter)
  • Re: Cannot install IIS
    ... Uh, no, Dell doesn't. ... Other than drivers, the OS is box-stock. ... tinkering with IIS files, or removing the ones needed to ... complete the installation. ...
    (microsoft.public.windows.mediacenter)