-
Posted to
Security
by
naziml
on
09-30-2009, 12:59 AM
IP address is 1 byte : 1 byte : 1 byte : 1 byte.
You need to mask off the lower 22 bits. That is 8+8+6 bits, so the lower 2 bytes are masked off (zeroed) and from the 3rd byte , the lower 6 bits are masked off.
So the lower 2 bytes are zero since they are masked off. When we mask of the lower 6 bits, the byte is essentially 11000000 in ...
-
Posted to
IIS7 - Security
by
naziml
on
09-30-2009, 12:16 AM
You haven't setup any UrlAuthZ limiting access to just admins have you? You really need to focus on getting freb working, otherwise you are shooting in the dark.
Are you saying that the freb logs are present, but you cannot *open* them via any means including using elevated notepad?
-
Posted to
Security
by
naziml
on
09-30-2009, 12:09 AM
22 = 8+8+6. So the relevant bits after mask are 8bits : 2highest order bits: none : none
Hence the subnet mask will be 255.192.0.0
-
Posted to
Security
by
naziml
on
09-29-2009, 11:57 PM
Doesn't seem like you have setup an SSL site for example.com, your bindings are setup in such a way that a request to https://www.example.com is ending up going to https://portal.example.com and since the name on the cert here doesn't match what the client sent you get a cert error. You need to fix your ...
-
Posted to
Security
by
naziml
on
09-29-2009, 11:50 PM
Most HTTP status can return a custom error page. Refer to http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/80cb8d8d-8fd8-4af5-bb3b-4d11fff3ab9c.mspx?mfr=true
on how to set this up and a listing of what HTTP status' you cannot redirect.
-
Posted to
Security
by
naziml
on
09-29-2009, 11:45 PM
Seems like you need to enable anonymous authentication. Launch inetmgr and right click on your site and go to Properties. Go to the Directory Security Tab and click on Edit under Authentication and Access Control. Select the checkbox that says Enable Anonymous Access.
-
Posted to
Security
by
naziml
on
09-29-2009, 11:38 PM
You can still use an IP address and a subnet mask in IP restriction setting. Here is an example:
CIDR notation: 192.168.0.0/8 This means you can mask the last 32 bits, so the range is 192.168.0.0 - 192.168.0.255
Using subnet masks this is equivalent to:
IP address: 192.168.0.0
Subnet mask: 255.255.255.0
What this says ...
-
Posted to
Security
by
naziml
on
09-29-2009, 2:59 PM
You can easily convert CIDR notation for an IPV4 address to an IP address and subnet mask. IP restriction in IIS6 does not support CIDR notation.
-
Posted to
Security
by
naziml
on
09-29-2009, 1:02 PM
Dave's blog has a good explanation on this.
http://blogs.iis.net/davcox/archive/2009/08/12/what-is-my-iis-code-running-as.aspx
-
Posted to
IIS7 - Security
by
naziml
on
09-08-2009, 1:22 PM
If you don't have the module installed yet, you should install the entire thing instead of the update.
x86 install - http://go.microsoft.com/?linkid=9655674
x64 install - http://go.microsoft.com/?linkid=9655675
Make sure you didn't accidentally run the installer for the update. If this is not the case, can you turn on MSI logging ...