Re: (remotely/automatically) Detecting IIS changes?
From: Tom Kaminski [MVP] ((A@T))
Date: 03/20/03
- Next message: Keith W. McCammon: "Re: (remotely/automatically) Detecting IIS changes?"
- Previous message: Ralph: "(remotely/automatically) Detecting IIS changes?"
- In reply to: Ralph: "(remotely/automatically) Detecting IIS changes?"
- Next in thread: Keith W. McCammon: "Re: (remotely/automatically) Detecting IIS changes?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> Date: Thu, 20 Mar 2003 11:22:35 -0500
"Ralph" <ralphlos@hotmail.com> wrote in message
news:1d2901c2eef9$adf3ab10$a601280a@phx.gbl...
> Hi all, I'm working with a team which has been tasked with
> the goal of using a product such as TripWire to detect
> changes (both intentional and otherwise) within our IIS
> servers. Maybe someone can suggest a particular
> file/files/folders/registry keys to watch for changes in?
> I can only think of the global.asa file, but that's lately
> changed to my knowledge.
> For example, we'd like to be alerted when an
> administrator creates a new "Virtual Root" anywhere on the
> IIS box. This is often done hap-hazardly and the IIS admin
> team doesn't always report the creation of the site....so
> we'd like to come up with a way to monitor them....suggestions?
IIS stores most of it's config in the MetaBase at
\winnt\system32\inetsrv\metabase.bin, so that's what you'd have to watch.
-- Tom Kaminski IIS MVP http://mvp.support.microsoft.com/ http://www.microsoft.com/windowsserver2003/community/centers/iis/
- Next message: Keith W. McCammon: "Re: (remotely/automatically) Detecting IIS changes?"
- Previous message: Ralph: "(remotely/automatically) Detecting IIS changes?"
- In reply to: Ralph: "(remotely/automatically) Detecting IIS changes?"
- Next in thread: Keith W. McCammon: "Re: (remotely/automatically) Detecting IIS changes?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
