RE: URLScan
From: Bonner, Jon (Jon.Bonner@k12.sd.us)Date: 03/11/02
- Previous message: Radoslav Dejanoviæ: "Re: Anonymous posting"
- Maybe in reply to: CHM Security: "URLScan"
- Next in thread: dumbwabbit: "RE: URLScan"
- Reply: dumbwabbit: "RE: URLScan"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bonner, Jon" <Jon.Bonner@k12.sd.us> To: security-basics@securityfocus.com Date: Mon, 11 Mar 2002 09:14:05 -0600
Open the following file: %systemroot%\system32\inetsrv\urlscan\urlscan.ini.
Scroll down in the file until you find the section containing the text ";
Deny executables that could run on the server" and then place a semicolon in
front of the EXE that appears below it. This comments out EXE so that
URLScan will stop blocking files with that extension. Then restart IIS or
reboot your server.
Jon Bonner
-----Original Message-----
From: CHM Security [mailto:chmsecurity@hotmail.com]
Sent: Friday, March 08, 2002 5:56 PM
To: security-basics@securityfocus.com
Subject: URLScan
I am running Citrix nfuse on a IIS 5 server and attempted to install the
urlscan.exe from M$. I have very limited knowledge on web servers and
everytime I install the urlscan it kills the ability of clients to download
the citrix web client (ica32t.exe) file. Like I said I have very limited
knowledge of web servers and I'm not sure how I can edit the urlscan ruleset
to allow this to happen. I would really like to run the urlscan tool to
receive all of the benefits it provides, but as of right now I can't because
it kills necessary functionality. Any help would be greatly appreciated!
- Previous message: Radoslav Dejanoviæ: "Re: Anonymous posting"
- Maybe in reply to: CHM Security: "URLScan"
- Next in thread: dumbwabbit: "RE: URLScan"
- Reply: dumbwabbit: "RE: URLScan"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
