RE: FPSE Admin Listner on IIS 6.0
From: Sergey V. Gordeychik (gordey_at_infosec.ru)
Date: 03/01/04
- Previous message: Tod Beardsley: "Re: Preventing OS Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 1 Mar 2004 16:45:51 +0300 To: <dwr3ck@hushmail.com>, <focus-ms@securityfocus.com>
From: dwr3ck@hushmail.com [mailto:dwr3ck@hushmail.com]
>Question. Does anyone know the proper,
>supported method of killing the
>listener so all administration
>must be performed locally on the server?
1. Open Internet Information Services (IIS) manager.
2. Go to <Servername> - Web Sites
3. Find "Microsoft SharePoint Administration"
4. Open "Properties".
5. Click on Advanced
6. In "Multiply identifies..." select "default..." and click "Edit"
7. Set IP address "127.0.0.1"
8. Click "Ok" 3 times.
9. Restart Website
So - you bind your Website to 127.0.0.1:9596, and it can be accessed
only locally.
Remember that by default IIS enable socket pooling feature, and it will
listen on _all_ adapters on port 9596 (default for FPSE), but if
somebody try to connect to this port from network, they will get "Bad
Request (Invalid Hostname)" error.
If you want prevent connections, disable socket pooling (not
recommended) or use port filtering with ICF or IPSec.
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
---------------------------------------------------------------------------
- Previous message: Tod Beardsley: "Re: Preventing OS Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
