Bernard has done a cool post about Web server fingerprinting, based on a small utility.
Read his post at source: Server: Microsoft-IIS/6.0\r\n : Web server fingerprinting.
Need some good statistic software for reading the IIS logs. I can recommend AWStats, read the How to Install AWStats guide on IIS 6.0 by Chris Abraham.
Read it at source: How to Easily Install AWStats on IIS 6 by Chris Abraham – Because the Medium is the Message.
Get another great guide on how to Install Awstats on IIS in PDF format: http://www.ihsen.com/support/InstallingAWStatsOnIIS6.pdf
Lazyadmin has publish an article about creating a FTP site using isolated users configuration, in this mode users are isolated based on the folder structure in the FTPRoot directory.
Read the full article at source: Isolating IIS FTP Users – The Lazyadmin.com.
Inge Henriksen has posted an exploit on IIS 5.1 (WinXP IIS 5.1 only). The exploit is a new .dll exploit. There’s already alot of information on several blogs about this exploit and Microsoft should be informed about this.
A 0-day workaround would be to use URLScan to block for this exploit.
Read Inge Henriksens post: Inge Henriksen’s Technology Blog: Microsoft IIS Remote DoS .DLL Url exploit.
Read Bernard’s post about the exploit: Recent IIS 5.1 Remote Exploit.
Microsoft has published an updated version of Shared Web Hosting guide in their Service Provider program.
Read the Guide at source: Shared Web Hosting Deployment Guide – Service Providers.
Chris Adams has done a post were he answers a question about IIS 5.1 (WinXP IIS) Authentication after Install.
This will be his first post about authentication, which is a subject he’ll cover the next few weeks.
Read the full post at source: ChrisAd’s blog : IIS 5.1 Authentication After Install.
Chris Adams did a post about how application pools configuration ties into the ProcessModel section of the machine.config configuration file.
His post also includes links to some good resources for further information about IIS 6 worker processes and application pools.
Read his post at source: ChrisAd’s blog : ASP.NET & IIS 6.0: Application Pools, Machine.Config….oh my, someone shoot me!.
Chris Adams did a post about how application pools configuration ties into the ProcessModel section of the machine.config configuration file.
His post also includes links to some good resources for further information about IIS 6 worker processes and application pools.
Read his post at source: ChrisAd’s blog : ASP.NET & IIS 6.0: Application Pools, Machine.Config….oh my, someone shoot me!.
Follow Me