RE: What I would like the MS IIS Lockdown tool todo
From: McCammon, Keith (Keith.McCammon@eadvancemed.com)Date: 08/28/01
- Previous message: Brian Baker: "Re: WIN2000 and IIS"
- Maybe in reply to: Ian Macdonald: "What I would like the MS IIS Lockdown tool todo"
- Next in thread: akomolafe: "Re: What I would like the MS IIS Lockdown tool todo"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <BB7FD4FF9E440648A731452E5D341FB0654497@hitsexchange01.advance-med.com> From: "McCammon, Keith" <Keith.McCammon@eadvancemed.com> To: 'Ian Macdonald' <secmail@dirk.demon.co.uk>, 'Focus-MS' <focus-ms@securityfocus.com> Subject: RE: What I would like the MS IIS Lockdown tool todo Date: Tue, 28 Aug 2001 12:57:11 -0400
---------------------------
1) First I would like a good document describing what it is supposed to
do and how this tool does it.
---------------------------
It looks like the .chm is as good as it gets.
---------------------------
2) I would like to be able to run it from the command line.
3) Logging to a text file, explaining what files have been deleted, what
registry settings have been changed, and what metabase settings have been
changed
---------------------------
You can start it from a command-line, but it doesn't appear to behave any
differently. It just runs its course as always.
---------------------------
"The source code??"
---------------------------
That's funny. I'll just leave that one alone...
---------------------------
I was really hoping that this tool would allow me to remove unneed script
mappings from all websites and virtual directory. It is easy to remove the
script mappings using something like
cscript c:\winnt\system32\inetsrv\adminsamples\adsutil.vbs set
/w3svc/scriptmaps ".asa,C:\WINNT\System32\inetsrv\asp.dll,1,PUT,DELETE"
".asp,C:\WINNT\System32\inetsrv\asp.dll,1,PUT,DELETE"
---------------------------
I think that the hisecweb security template should knock this out.
Overall, I was pretty disappointed with the tool as well. So I do feel your
pain. The more tools they put out, the more I realize that if you want it
done right... (you know the rest).
- Previous message: Brian Baker: "Re: WIN2000 and IIS"
- Maybe in reply to: Ian Macdonald: "What I would like the MS IIS Lockdown tool todo"
- Next in thread: akomolafe: "Re: What I would like the MS IIS Lockdown tool todo"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
