Re: URLScan and an EXE File

From: FMac (fmac_at_urnerbarry.com)
Date: 07/09/03

Next message: Halcyon Woodward: "Re: How to perform OWA-like authentication...?"
Previous message: Nick: "Re: URLScan and an EXE File"
In reply to: Nick: "Re: URLScan and an EXE File"
Next in thread: Roger Abell [MVP]: "Re: URLScan and an EXE File"
Reply: Roger Abell [MVP]: "Re: URLScan and an EXE File"
Reply: David Wang [Msft]: "Re: URLScan and an EXE File"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 9 Jul 2003 14:22:46 -0400

When I look at the log file that URLScan generates I see a lot of exe
attempts that are caught. I don't want to remove that extension for
everything. I was hoping that I could insolate one file and have it flagged
to be passed through.

Thanks for your response.

<Nick> wrote in message news:u$aCWUkRDHA.1552@TK2MSFTNGP10.phx.gbl...
> remove .exe from the [DenyExtensions] section
>
> then restart IIS and all should be good
>
> Nick
>
>
> "FMac" <fmac@urnerbarry.com> wrote in message
> news:OgQwCMjRDHA.2084@TK2MSFTNGP11.phx.gbl...
> > Is there anyway to allow a specified exe file to pass through the
URLScan
> > filter?
> > I am using an activeX control that needs to run a small .exe file on the
> > clients workstation in order for it to work. Is there something like
> > [AllowURLSequence] that possibly is undocumented? This is on a paid
> > permissioned site that all users would know the purpose of this update.
> > I am using URLScan 2.5 on a Windows 2000 Server running IIS5.
> >
> > Any ideas would be appreciated.
> >
> > Thanks,
> > Frank
> >
> >
>
>

Next message: Halcyon Woodward: "Re: How to perform OWA-like authentication...?"
Previous message: Nick: "Re: URLScan and an EXE File"
In reply to: Nick: "Re: URLScan and an EXE File"
Next in thread: Roger Abell [MVP]: "Re: URLScan and an EXE File"
Reply: Roger Abell [MVP]: "Re: URLScan and an EXE File"
Reply: David Wang [Msft]: "Re: URLScan and an EXE File"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Trend C/S/M SMB on SBS2003
... Fixed - problem caused by UrlScan.ini (preventing CGI script from running) ... Tool and installed UrlScan 2.5. ... Since Trend Micro uses .exe to execute CGI, ... I don't like the idea of allowing the extension ".exe" to run on my web ...
(microsoft.public.inetserver.iis)
Re: Trend C/S/M SMB on SBS2003
... Fixed - problem caused by UrlScan.ini (preventing CGI script from running) ... Tool and installed UrlScan 2.5. ... Since Trend Micro uses .exe to execute CGI, ... I don't like the idea of allowing the extension ".exe" to run on my web ...
(microsoft.public.windows.server.sbs)
RE: URLScan
... I would NOT recommend opening up the .exe ... > extension. ... > reboot your server. ... > Subject: URLScan ...
(Security-Basics)
Re: URLScan (and Demarc PureSecure)
... I added focus-ids to the recipient list - if you reply to this, and it's not related to Intrusion Detection, please remove that recipient. ... still have reservations when it comes to allowing .exe ... > on opeing up specific .exe's via URLScan. ... >>> knowledge of web servers and I'm not sure how I ...
(Security-Basics)
Re: URLScan
... i know you can move and ACL critical system ... still have reservations when it comes to allowing .exe ... > on opeing up specific .exe's via URLScan. ... >> Do You Yahoo!? ...
(Security-Basics)