Re: Securing IIS/5 with ASP

From: Jools Chesters (joolsc@immerseyourself.co.uk)
Date: 01/27/03

  • Next message: Rickards, Trevor ERM: "RE: Win2k log management"
    From: Jools Chesters <joolsc@immerseyourself.co.uk>
    To: "Ralph Los" <RLos@enteredge.com>, focus-ms@securityfocus.com
    Date: Mon, 27 Jan 2003 10:44:14 +0000
    
    

    If you need to find out more details about a 500 error (it could be
    something more than a file permission problem) put a copy of
    500-100.asp (from the \winnt\help\iishelp\common directory) into the
    root of your site.

    Under the custom errors for the site change the 500 error to URL and
    type /500-100.asp for the URL.

    Hope this helps.

    Jools

    On Fri, 24 Jan 2003 12:55:54 -0500, you wrote:

    >Hello,
    > I have a document I've built over the years about securing IIS/5,
    >with regards to permissions, etc right down to the file level. This often
    >works, except when I get that pesky ASP engine involved. I'm sick of
    >HTTP/500 errors! I know for a fact the error is with file permissions, but
    >I can't pin-point which file(s) are causing it. I've had the dllhost.exe
    >keep getting "ACCESS DENIED" (Using NTFileMon from sysinternals.com) on
    >C:\winnt\system32\<some_file> but...the permissions on that
    >file/folder/whatever are IUSR/IWAM/SYSTEM (RWX).
    >
    > Bottom line, does anyone have a definitive "baseline IIS/5 w/ASP"
    >security document done I could look over? Just curious - dying to know what
    >I'm missing.
    >
    >?Ralph