Re: IIS5.0 and IIS lockdown/hardening tool/security

From: Dave (kdlevine_at_wi.rr.com)
Date: 07/12/03


Date: Sat, 12 Jul 2003 06:50:37 -0500


Thanks for the response. I scanned some other messages about URLScan and I
had a few other questions that I hope you can help me with.

Is it possible to customize URLScan by web service, folder, or some other
application specific settings? Does it simply look for references to file
extensions without regard to how the file will be accessed? From what I've
seen in other posts here it seems that URLScan has limited configurable
settings.

re: FPSE...If these are not installed will this effect DevStudio? I've been
advised that if FPSE is not installed on development machines then
developers will be unable to develop web services. Do you have any
information that would corroborate or refute this?

Thanks again.

Dave

"Herb Martin" <news@LearnQuick.com> wrote in message
news:OpX1fjCSDHA.2480@tk2msftngp13.phx.gbl...
> > We have a DOTNET web service built with the 1.1 framework and we are
> > targeting
> > server machines running IIS 5.0+. We have been advised to run the IIS
> > hardening/lockdown tool for additional security. Is anyone aware of any
> > problems or issues that will result from this? What problems will we
have
> if
> > FrontPage Server extensions are not installed?
>
> As you may note if you watch the IIS newsgroups for a few
> hours, the IIS Lockdown Wizard and the URLScan it installs
> can affect access to web pages (mostly based on forbidding URLs
> that reference certain extensions like DLL, EXE, ASP, etc.
>
> You will need to tune your URLScan.ini
>
> This shouldn't be affected by FPSE, but those who do run FPSE
> note these same (class of) problems.
>
>
>



Relevant Pages

  • Re: Help - Port 80 being targeted
    ... URLScan installs as an ISAPI filter. ... I have port 80 open firewalls don't do me any good! ... > What you're seeing could possibly be a nimda or code red worm scanning your ...
    (comp.security.firewalls)
  • Re: IIS5.0 and IIS lockdown/hardening tool/security
    ... >extensions without regard to how the file will be accessed? ... But URLScan can be configured to allow FPSE, ... >advised that if FPSE is not installed on development machines then ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS Lockdown
    ... urlscan has been installed by IISLockdown. ... Microsoft Exchange Support ... >usually installs urlscan as an isapi filter. ...
    (microsoft.public.exchange.admin)
  • Re: ? turn on ASP after "lockdown" ?
    ... > run of lockdown in their "script" that does the installs. ... IISlockdown with URLScan is causing problems on my IIS web server. ...
    (microsoft.public.inetserver.iis.security)
  • Re: IISlockdown and URLScan
    ... IISlockdown comes with an older version of URLscan, ... so you need to separately download the newer URLscan ... and it installs on top of the older. ...
    (microsoft.public.inetserver.iis.security)