How to disable WebDAV

From: Tony Maupin (Tony@TheMaupins.com)
Date: 05/28/02 

From: "Tony Maupin" <Tony@TheMaupins.com>
To: <focus-ms@securityfocus.com>
Date: Mon, 27 May 2002 21:37:53 -0500

Here is the crap Microsoft says about diabling WebDAV "Because WebDAV is an
extension to the HTTP protocol, the concept of disabling WebDAV verbs is
like disabling native HTTP verbs such as GET, POST, and so forth. This
article describes the process to use to disable WebDAV for those extreme
cases in which a Web administrator does not want any WevDAV functionality at
all. "

Here's what is said about WindowsXP "Windows XP contains an even deeper
WebDAV integration. Using XP, all Windows32 applications are WebDAV enabled
as the OS itself contains WebDAV capability. "

How to Disable WebDAV for IIS 5.0
http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q241520&

How to disable WebDAV in WindowsXP

Open Regedit
search for "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRxDAV"
change "Start" to 0 (that's zero)

Sorry, I didn't have time to check the other OS's. I'll check later and
post.

Tony
----- Original Message -----
From: <winx@btconnect.com>
To: "Tony Mason" <Mason@osr.com>; "'o00o_j'" <o00o_j@yahoo.com>;
<focus-ms@securityfocus.com>
Sent: Monday, May 27, 2002 7:22 PM
Subject: RE: Why does XP establish HTTP connection when browsing network s
hares?

> Hi,
>
> Exactly how is WebDAV disabled?
>
> Regards,
> Alex Jordanov
>
> ---- original message ----
>
> >This is the WebDAV mini-redirector that is part of
> Windows XP (mrxdav.sys).
> >It consists of this kernel mode driver, a user mode
> service, and the
> >mini-redirector wrapper (rdbss.sys).
> >
> >You can disable WebDAV and nobody will notice
> UNLESS they are using DAV.
> >
> >Regards,
> >
> >Tony
> >
> >Tony Mason
> >Consulting Partner
> >OSR Open Systems Resources, Inc.
> >http://www.osr.com
> >
> >
> >-----Original Message-----
> >From: o00o_j [mailto:o00o_j@yahoo.com]
> >Sent: Friday, May 24, 2002 3:14 PM
> >To: focus-ms@securityfocus.com
> >Subject: Why does XP establish HTTP connection when
> browsing network shares?
> >
> >I've noticed some strange behavior from our IDS.
> Ever since deploying
> >Windows XP to our network, I've been seeing
> connection attempts to port 80
> >on servers not running HTTP daemons. Taking a
> closer look, I discovered
> >darn near every one was from a windows XP machine
> belonging to techs who
> >service those servers. I left it as a curiosity until one
> day, by chance,
> >I noticed my machine triggered the same IDS alarm
> right after I opened a
> >network share (C$) on that machine.
> >
> >Digging down further, I captured a TCP conversation
> between my PC (an XP
> >machine) and a server. Sure enough, towards the end
> of all the SMB jargon
> >is an HTTP exchange, with my client at one point
> sending the following:
> >---
> >OPTIONS / HTTP/1.1
> >translate: f
> >User-Agent: Microsoft-WebDAV-MiniRedir/5.1.2600
> >Host: [NetBIOS name of host i'm trying to connect to]
> >---
> >and receiving back a canned warning from my IDS.
> I'm sure this is nothing
> >to worry about, however I'm concerned about disabling
> it to limit false
> >positives on my IDS. Any ideas? thoughts? Any info.
> would help here...
> >our XP guru in-house had never heard of this before.
> thanks in advance.
> >
> >-j
> >
> >__________________________________________________
> >Do You Yahoo!?
> >LAUNCH - Your Yahoo! Music Experience
> >http://launch.yahoo.com
> >
>
>

Relevant Pages

  • Re: Microsoft Security Advisory MS 03-007
    ... for disabling WebDAV. ... Note that the IIS Lockdown wizard DOES NOT set this registry key, ... Here is the batch file I use to disable WebDAV: ... CERTAIN CONFIGURATIONS OF THE IIS LOCKDOWN TOOL DO ...
    (Focus-Microsoft)
  • Handling HTTP PUT with HttpHandler
    ... I'm trying to support WebDAV using an HttpHandler, ... data in a database rather than flat files. ... that PUT requests were not getting through to the handler, ... and in fact if I disable WebDAV (see ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: WebDAV nach URLScan
    ... Disable WebDAV ... Everyone has the ability to Execute this file. ...
    (microsoft.public.de.inetserver.iis)
  • Re: ftp versus WebDav
    ... Sent via Windows Mail on Windows Vista, ... I thought that I might use WebDav on one w2003 member server on my SBS2003 and eliminate the standalone FTP site but keep a good level of security. ...
    (microsoft.public.windows.server.sbs)
  • Re: rsync over http?
    ... > There is WebDAV, and a davfs that implements remote file ... > sharing semantics via DAV (which in turn uses HTTP). ... WebDAV server testing and scripting. ... This Version supports HTTPS, including Client Site ...
    (comp.unix.questions)