Re: Firewall Server not allowing view of .idq file

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 08/02/03 

Date: Sat, 2 Aug 2003 12:40:56 -0400

Also, check the IIS logs to see if the URL requests are even getting to the
web server. Check the firewall logs, as if this should tell you if the
request is being blocked or passed. Using a sniffer might also help you
determine this [though first thing to check is the iis logs].

http://securityadmin.info/faq.htm#sniffer
http://securityadmin.info/faq.htm#iislogs2
http://securityadmin.info/faq.htm#iislogs

If URLScan / IISlockdown were installed or a hardening checklist used,
perhaps .idq file requests are being blocked or the .idq script mapping was
deleted. If the former, there would probably be a file calleld urlscan.log
on your computer containing info, and then you could edit the urlscan.ini
file and restart windows to fix the problem. You really should be using
URLScan anyways, to prevent being hacked.

http://securityadmin.info/faq.htm#urlscan
http://securityadmin.info/faq.htm#harden

"Miha Pihler" <miha.pihler@Atlantis-N0Spam.si> wrote in message
news:uDwafUOWDHA.1300@TK2MSFTNGP10.phx.gbl...
> Hi Ryan,
>
> Since you haven't told us anything about your Firewall (which in general
is
> good), but it makes hard for us to guess what could be wrong.
>
> Look in your firewall configuration if it is blocking .idq extension in
URL
> requests.
>
> --
> Mike
> MCSA 2K, MCSE 2K, MCT, ...
>
> "Ryan" <rkavalsk@muhlenberg.edu> wrote in message
> news:03be01c35862$d1bd4fb0$a101280a@phx.gbl...
> > Here's an issue that's been driving me bonkers...I have
> > just created this web site (www.privacy-security-sig.org)
> > and the search feature uses Microsoft Index Server. When
> > I search from within my domain (with the internal IP
> > address), the search.idq works wonderfully. However, when
> > using the search feature on the web, search.idq cannot
> > be found. I have a feeling this has to do with access
> > permissions on our firewall server...please help!
> >
> >
>
>

Relevant Pages

  • Re: IDS and SSL
    ... invalid requests not just detection. ... In English: attacks against ... The web application firewall ... Quite frankly I wouldn’t put a web server of any worth ...
    (Vuln-Dev)
  • Re: Network Firewall/Routing Solution
    ... Cisco router w/ Firewall IOS, ... > not working properly at all with multiple network cards. ... > I will need to deal with inbound web and ftp requests from the ... > non-pasv connections. ...
    (comp.security.firewalls)
  • Re: Network Firewall/Routing Solution
    ... >> firewall combo boxes that linksys sells, and I really don't want to run ... >> not working properly at all with multiple network cards. ... >> like Unicode and header information for http requests, ... >> non-pasv connections. ...
    (comp.security.firewalls)
  • [fw-wiz] secure firewall rule management program
    ... Anyone have suggestions for a good, secure webified firewall rule ... The system should allow users to submit rule requests, ... be available to approvers and implementers. ... an individual, it belongs to "accounting". ...
    (Firewall-Wizards)
  • Re: How to tell if a firewall alert is suspicious or not
    ... There exists innocent common connections reported by the firewall ... Is there a site where all the common innocent connections are listed? ... I keep a list of the common contact requests & this isn't one of them. ...
    (microsoft.public.security)