What I would like the MS IIS Lockdown tool todo

From: Ian Macdonald (secmail@dirk.demon.co.uk)
Date: 08/28/01


Date: Tue, 28 Aug 2001 12:09:34 -0400 (EDT)
From: Ian Macdonald <secmail@dirk.demon.co.uk>
To: "'Focus-MS'" <focus-ms@securityfocus.com>
Subject: What I would like the MS IIS Lockdown tool todo
Message-ID: <Pine.LNX.4.33.0108281155430.21408-100000@dirk.oathbound>

The Microcoft tool looks interesting, but it doesn't really fit my needs,
it woudln't even run on my desktop machine since I had already deleted
idq.dll so wouldn't let me continue.

1) First I would like a good document describing what it is supposed to
do and how this tool does it.

2) I would like to be able to run it from the command line.

3) Logging to a text file, explaining what files have been deleted, what
registry settings have been changed, and what metabase settings have been
changed

4) The source code??

I was really hoping that this tool would allow me to remove unneed script
mappings from all websites and virtual directory. It is easy to remove the
script mappings using something like

cscript c:\winnt\system32\inetsrv\adminsamples\adsutil.vbs set
/w3svc/scriptmaps ".asa,C:\WINNT\System32\inetsrv\asp.dll,1,PUT,DELETE"
".asp,C:\WINNT\System32\inetsrv\asp.dll,1,PUT,DELETE"

but this only removes the script mappings from the master IIS
propertities,so if someone has changed the settings for the individual
website then you would first have to know all the website installed then cycle
through them running a similar command on each defined web site.

Does anyone know of a tool has written a script already that can do this?

Thanks

Ian