Security
Last week I posted the following blog which showed how to use Process Monitor to troubleshoot service startup issues. http://blogs.msdn.com/webtopics/archive/2009/06/16/troubleshooting-service-startup-issues-with-process-monitor.aspx To continue on that topic, I ran across another issue recently where Process Monitor was again very helpful in troubleshooting. Problem – When browsing ASP pages, we were getting the error below in the browser. Browsing any HTML page worked fine. HTTP Error 401.3 - Unauthorized...
Many things can cause a service, like IIS’s World Wide Web Publishing Service, to fail on startup. When troubleshooting such an issue, Process Monitor can be an invaluable tool. What Process Monitor does is monitor all File and Registry access on the system in real-time. The latest version of Process Monitor can be obtained here. Most of the time, we use this tool to troubleshoot Access Denied related issues. In those scenarios, Process Monitor shows exactly what user account tried to access what...
Dynamic IP Restrictions (DIPR) was created to give users a tool to help mitigate the effects of DOS attacks and certain brute-force password breaking attempts. The Out-Of-Band (OOB) feature description is (perhaps more elegantly) outlined on this page: http://www.iis.net/extensions/DynamicIPRestrictions. In short, it is a handy tool that is easy to configure to protect a site/server from certain attacks. A bug was discovered in the Beta for Microsoft Dynamic IP Restrictions for IIS 7 for which a patch has been released. The bug affects users with site names longer than 22 characters. Installing the feature with a long site name and browsing to that site would result in a distinctive error in the Windows Application logs. To check whether your version of DIPR beta contains this update, check the Registry. If the value for HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IIS Extensions\DynIpRst\Version is 7.1.0394.0, then the installed DIPR is not updated. This value should be 7.1.0487.0 for the updated...
This topic has been covered many times both by Microsoft and non-Microsoft employees. However, I’ve recently been asked what the main features of IIS 7 are and have seen a great deal of misinformation about IIS security on Twitter, blog posts and forums. I think, therefore, the issue deserves yet another look. In this post, I’m going to go over security in the past for IIS and then move on to talk about security features in IIS 7. These are not in any particular order. This post is not meant to diminish the many thoughtful works already created by others – both complimentary and critical. This is just meant to bring the subject back up for discussion again in hopes that you can be properly equipped with the decision making information you may need. Ghosts of IIS Security Past The reason for so much misinformation about the current state of security in IIS is likely due to the earned reputation the product had in versions previous to IIS 6.0. A quick search on the web for IIS 5 security...
Today the IIS team has released the Dynamic IP Restrictions Extension for IIS 7.0 - Beta. The Dynamic IP Restrictions Extension provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking of passwords through Brute-force by temporarily blocking Internet Protocol (IP) addresses of HTTP clients who follow a pattern that could be conducive to one of such attacks. This module can be configured such that the analysis and blocking could be...
I was working with one of the customers on Urlscan and their requirement was to install Urlscan on Windows Server 2003 64-bit to hide the server's identity. Basically, in Urlscan.ini, we can configure "RemoveServerHeader=1" to remove the server's identity from the HTTP header. As Urlscan 2.5 has urlscan.dll in 32-bit, we weren't able to get it to work on Windows 2003 64-bit and the only option was to switch the IIS worker process to run in 32-bit mode (Enable32bitAppOnWin64). But they wanted to run it in 64-bit. So we downloaded the latest Urlscan 3.1 64-bit and installed it on Windows Server 2003 64-bit. Download URLSCAN 3.1 from the following locations: Download the x86 version from Microsoft Download Center here. Download the x64 version from Microsoft Download Center here. Once you download the desired URLSCAN, you can double-click the .msi to install Urlscan and here is how it looks: By default Urlscan keeps all the files in the "%systemroot%\system32\inetsrv\urlscan" folder on Windows 2003...
Every time I talk with customers in meetings or at conferences I’m struck by how many cool amazing new capabilities IIS7 has. I can go on for literally hours talking about the new features and benefits, and showing demos. And with each new IIS7 Extension, the list of new features just gets bigger and bigger. A few months ago I realized we didn’t have the top list of features written up anywhere, and so we started the process of distilling down the list to the top 10. We almost made it! We ended up with the top 12 reasons you should get IIS7 today. Check them out here: http://www.iis.net/getstarted Over the next few weeks we’ll be adding a cool demo for each of the reasons to show the features in action. Be sure to check back soon!
I’m happy to announce that IIS7 Extensions have found their home at http://www.iis.net/extensions/ Ever since IIS7 shipped 9 months ago, the IIS team has been cranking away adding new features to the platform. Last time I blogged about how we do this, I realized we didn’t have a single place to learn about all of them, so I kicked off an effort within the team to create this. Now that the pages are up, it is amazing to see how many new capabilities are already available on top of IIS7…which all by itself had more new features than any other IIS release in the history of the product. It is a testament to not only the ingenuity and hard work of the IIS team, but a real validation that IIS7 is not just a Web server, it is a server platform. All of these new features are built on top of public extensibility points that any developer can use, and provide a seamless runtime, configuration and administration experience that looks and feels like they were built...
The Deep Fried Bytes guys caught up with me at DevLink and we had a talk about developer security needs, mistakes, activities, etc.! Listen Here http://deepfriedbytes.com/
For many years I've had an interest in and a focus on Application Security. Now, I'll be ramping up and doing a bunch of security related work in my role here at Microsoft. I hope you will add www.SecureDeveloper.com to your blog reader. I expect to include...