Re: ASP trouble with IIS 6.0 security

• Previous message: Juan: "Re[2]: Invisible KeyLogger"
• In reply to: Bénoni MARTIN: "ASP trouble with IIS 6.0 security"
• Next in thread: Bénoni MARTIN: "RE: ASP trouble with IIS 6.0 security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Bénoni MARTIN <Benoni.MARTIN@libertis.ga>
Date: Wed, 28 Apr 2004 13:55:26 -0500

This may be completely off but have you looked at your includes or does it
make reference to them in the server error you get? Alot of issues with
design of include functions that worked in IIS5 but not in IIS6.
Example

<!--#include file="../../includes/home_sidebar_inc.asp" -->
will work in IIS5

for IIS 6 you must make it virtual
<!--#include virtual="/includes/home_sidebar_inc.asp" -->

Noah Welshans
Nex-tech Internet Solutions
www.nex-tech.com

----- Original Message -----
From: "Bénoni MARTIN" <Benoni.MARTIN@libertis.ga>
To: <security-basics@securityfocus.com>
Sent: Wednesday, April 28, 2004 10:02 AM
Subject: ASP trouble with IIS 6.0 security

Hi community,

I am running IIS 6.0 under a W2K3 box, and most of my web pages have been
written in ASP with Dreamweaver 2004 (I don't think this is really
important, but...). Some of my ASP pages run into trouble: sometimes they
are displayed in the right way, but sometimes they create a "NTTP 500 -
Internal error". Looking around the web, seems to me I am not the only one
to face this trouble, but no solution has been found...

Seems also that a new security feature in IIS 6.0 performs this, but which
one??? I just cannot set up a Linux box with Apache as I have an SQL Server
2000...

What can I do? Get back to IIS 5.x does not seems to be a good idea...

Any idea will be welcomed!

Cheers!

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

• Previous message: Juan: "Re[2]: Invisible KeyLogger"
• In reply to: Bénoni MARTIN: "ASP trouble with IIS 6.0 security"
• Next in thread: Bénoni MARTIN: "RE: ASP trouble with IIS 6.0 security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]