Re: IIS Seperate Partition?

From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 05/31/04 

Date: Mon, 31 May 2004 18:32:17 +0800

You meant 'directory traversal' not buffer overflow. 

-- 
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message
news:#u1F9ZdREHA.2572@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> There's no way to install the IIS system files on a partition other than
the
> system partition, but you can move the files being served to another
> partition/folder (as most people do) so if a buffer overflow is found in
> your scripts a hacker doesn't know the right dynamic path (i.e,
> /../../windows/system/cmd.exe) right off the bat
>
> -- 
> --Jonathan Maltz [Microsoft MVP - Windows Server, Virtual PC]
> http://www.visualwin.com - A Windows Server 2003 visual, step-by-step
> tutorial site :-)
> http://vpc.visualwin.com - Does <insert OS name> work on VPC 2004?  Find
out
> here
> Only reply by newsgroup.  I do not do technical support via email.  Any
> emails I have not authorized are deleted before I see them.
>
>
> "Ryan Riddell" <anonymous@discussions.microsoft.com> wrote in message
> news:DDB4975B-E550-47E7-AF08-68DD979B09FB@microsoft.com...
> > I'm running Server 03 with a web server and file server as well as
acting
> as a domain controller.
> >
> > My question is if it would be more secure or considered a good idea to
> have the web server on its own partition?
> >
> > The idea being that if a malicious user manages to take control of IIS
> they are sort of stuck on the individual partition.  Also, if they manage
to
> hose the partition it won't effect the other functions of the server.
> >
> > Thanks,
> > Ryan
>
>

Relevant Pages

  • Re: IIS Seperate Partition?
    ... Well if you buffer overflow the script you can use it to do a directory ... traversal attack, no? ... --Jonathan Maltz [Microsoft MVP - Windows Server, ... >> There's no way to install the IIS system files on a partition other than ...
    (microsoft.public.inetserver.iis.security)
  • Re: Rebuilding SBS Server 2003 SP2
    ... issues with exchange system manager because the SSL server name ... figured a rebuild was the perfect time to investigate these (chuck more RAM ... lot with re-installs but havent a clue with partition sizes with SBS, ...
    (microsoft.public.windows.server.sbs)
  • Software Raid for clones
    ... Personally I inherited this E6750 ASUS motherboard and wanted thought I'd build a nice server for general use. ... I added 4 SATA 250 Gb disc drives and after reading about the horrors & failures of the cheapie Raid controllers, I decided to try Linux software raid. ... I got a message from every MD partition that there were not ... Disk partitions and LVM limits ...
    (RedHat)
  • Re: SBS2003 Partitioning
    ... sell a server to a customer to maximise billing hours. ... I realise that capacity is all down to the business that you are selling to ... just makes our experiences different. ... If the partition is on the same set of spindles then I could care ...
    (microsoft.public.windows.server.sbs)
  • Re: Is it possible to redirect the default user shares?
    ... The server is a rack mounted HP ProLiant ML 350 G4 and the integrated NIC ... I understand most people thatr design a server around W2k3 SBS Premium start ... OS partition and only a single additional partition if the underlying drive ... RAID1+RAID5) it may be worthwhile putting the shadowcopies from one array on ...
    (microsoft.public.windows.server.sbs)