Hi, I've got myself a hard question: I'm devloping a process control system that consists of a Windows Vista PC combined with a Windows XP machine (connected through windows network, separate adapter). On the Vista PC, IIS 7 is running with an ASP.NET application with form based authentication...

Hello All, Due to performance reasons, can i run IIS 6.0 on a public ip without Anti-virus and firwall. I am actively patching the server 2003. Any thoughts about it, i really appreciate. Jenefa

to add to the security of our web server it has been recommended that the guest account be removed from the guest group, since annonymous is not allowed. Does anyone see any issues in IIS 6.0 if this is done?

I'm using UrlScan 3.0 on IIS 6.0 (IIS 7.0 is not an option). I need to block all requests for URLs which contain "NR" as a path segment: http://localhost/ NR /.... Here's my UrlScan.ini file (most settings are the defaults, changes are in italics, things I think are significant are...

Good morning, all. New to the forum. I have been looking, but can't find much data, and need info quickly. Would there be any deal-breaking security implications with installing FPSE 2002 on an INTRANET server? Better yet, does anyone know of a usable page hit counter that would not require FSPE...

In our URLScan logs we get the following quite a bit - - - - - - - - - - - - - - - - - - - - - - - - #Software: Microsoft UrlScan 3.0 #Version: 1.0 #Date: 2008-09-04 01:01:20 - - - - - - - - - - - - - - - - - - - - - - - - Does anyone know if this means that UrlScan is recycling and we have a period...

Hi, Im a System Administrator of a Hosting Company, and one of our website has been hacked with SQL injection, At first the hacker inserted nihaorr1.com/1.js most of the website table are being affected with this attacked, after that incident I developed a SQL validation that is similar on the asp script...

Hi, Im a System Administrator of a Hosting Company and one of our website has been hack with SQL injection, At first the hacker inserted nihaorr1.com/1.js most of the website table are being affected with this attacked, after I created that a created a SQL validation like one that you have posted in...

This is excatly what I have been doing for a few years, A collegue and I are in the middle of writing it up as a high level design, hopefully if we can remove the corporate references we will publish this as a paper but a few thing to note so far are We use CIFS (windows shares on sep file server for...

I've read in a number of articles that giving IUSR_SERVER write permissions creates a huge security risk. I'm working with a databaseless CMS using ASP/VBScript that needs IUSR set to read/write in order to function. Is there a way to allow the CMS to modify files without creating a security...