Re: McAfee Firewall 3.03, IIS 5.0, http/https

From: David (davidwnh@adelphia.net)
Date: 12/03/02 

From: "David" <davidwnh@adelphia.net>
Date: Tue, 03 Dec 2002 03:15:10 GMT

This is either a bug or "unwanted behavior" with IIS5. You have at least
three options to get around it. You can create a second website from within
the internet service manager and run IIS with the default website stopped.
An alternative is to actually add a certificate to the webserver and then
the internet service manager will allow you to remove the SSL port setting.
Both will affectively allow you to run IIS with the SSL port closed. You can
verify this via netstat.

There is a third way to do this without creating a second web or getting a
certificate but this is not for the "feint of heart". You can edit the IIS
metabase. If you use metabase editor(IIS resource Kit) there is a key under
W3SVC for the default site called "securebindings". The data portion of this
key shows your adapter address(or loopback) and the SSL port number(ie.
127.0.0.1:443). You can blank out this data entry part of the key and the
server should run without an SSL port open.

"Brian Mork" <gusenet@increa.com> wrote in message
news:ecfe78c6.0212021345.38f821a8@posting.google.com...
> I've been playing with McAfee Firewall v3.03,
> Microsoft's IIS 5.0, and Steve Gibson's web site (grc.com).
>
> Observations:
> IIS, specifically the web site host doesn't allow
> distinction between http and https. Both are on or both
> are off. Any idea how to turn only http on?
>
> Or, any idea how to have McAfee screen out requests
> to the https port, but allow http port activity?

Relevant Pages

  • Re: SSL Issue - Urgent
    ... Generically extensible -- the translation device gives some hint of the ... so the device would need to set a proprietary HTTP Request header indicating ... This has been done on Apache and IIS as well. ...
    (microsoft.public.inetserver.iis.security)
  • RE: Rpc over http
    ... I am having problems with http over rpc...it was working well for 8 months ... 2.Please collect the IIS metabase on the SBS server: ... Please collect the IIS log on RPC Proxy Server for further analysis: ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet syncronisation failed after installing security update
    ... after the latest updates our internet> syncronisation behaved the same...not working anymore. ... after the newest patches iis is ignoring the PUT-command via http. ... before the patches were installed> the log shows http response 200 and 201 for the upload of tempfiles and> execution of mstrai40.exe. ... that leads to the conclusion that> the latest updates shut down the PUT functionality via http and by the way> messing up the access replication. ...
    (microsoft.public.access.replication)
  • Re: Windows 2003 remote admin access
    ... access done in context of the authenticated browsing account (i.e. ... be limited to areas defined as vdirs in IIS and/or FTP. ... particular ports inbound so access on any other ports shouldn't be ... The user does have HTTP and FTP web authoring access but this ...
    (microsoft.public.security)
  • IIS6.0 W2K3 Disabling Socket Pooling
    ... All this websites runs on http port 80. ... We have desided that one IIS ...
    (microsoft.public.inetserver.iis.security)
Quantcast