IIS Configuration

Hello!

I have an windows 2003 Standart with all updates and this only run IIS. I
have many sites in IIS, but in some, I need set IUSR permission as write.
This way i was hacked. What i can do different?


Thanks
Gladyston [ Do, 16 November 2006 18:45 ] [ ID #1538263 ]

Re: IIS Configuration

1 way is to configure special anonymous user for that particular web
application, and ensure the account can only write to certain folder with
proper NTFS permissions control, with additional - setting now
scripts/execute permissions on those folder if it's within the web site
structure.

--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/


"Gladyston" <Gladyston [at] discussions.microsoft.com> wrote in message
news:167D5D45-A3E1-4132-9326-9191D0DE854D [at] microsoft.com...
> Hello!
>
> I have an windows 2003 Standart with all updates and this only run IIS. I
> have many sites in IIS, but in some, I need set IUSR permission as write.
> This way i was hacked. What i can do different?
>
>
> Thanks
Bernard [ Fr, 17 November 2006 06:33 ] [ ID #1539574 ]
Webserver » microsoft.public.inetserver.iis.security » IIS Configuration

Vorheriges Thema: Security
Nächstes Thema: Logging of ciphers / ssl versions used by clients?

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum