Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more
COURSE of the MONTH
11 days, 13 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
IIS supports anonymous access, Basic, and Windows NT Challenge/Response (NTLM) authentication. The authentication mechanism in IIS could reveal the type of authentication in use to a remote attacker
Posted on 2009-04-03
Microsoft Internet Information Server (IIS) supports anonymous access, Basic, and Windows NT Challenge/Response (NTLM) authentication. The authentication mechanism in IIS could reveal the type of authentication in use to a remote attacker. A remote attacker can send a specially-crafted GET request to verify the authentication type in use, depending on the error message returned by the host.-How to remove these kind of Vulnerabilities from IIS
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
9
7
16 Comments
Have you tried the IIS lockdown wizard?
You can't remove the GET request that asks for the authentication type. That is required for the browser to submit authentication. If you turn it off, only anonymous authentication will work.
You are better off using firewalls or monitoring software that detect malicious activity.
You can't remove the GET request that asks for the authentication type. That is required for the browser to submit authentication. If you turn it off, only anonymous authentication will work.
You are better off using firewalls or monitoring software that detect malicious activity.
If you want information on protecting web servers using firewalls or monitoring then I'd recommend you ask another more specific question in those sections.
Once again, use the IIS Lockdown Wizard and even the Microsoft Baseline Security Analyzer. There isn't a simple 'Click this' 'click that' answer for this. People have careers specializing in locking down web applications. I can't relay all that knowledge here.
http://www.iis.net/downloads/default.aspx?CategoryName=Microsoft&CategoryID=96&sort=modifieddate&direction=ascending&tabid=35&start=0&g=6
http://www.iis.net/downloads/default.aspx?CategoryName=Microsoft&CategoryID=96&sort=modifieddate&direction=ascending&tabid=35&start=0&g=6
hmm, I have installed both the tool on my server, let me try to give my best on it...
Thanks for the suggestion
Thanks for the suggestion
i have installed the iis lockdown with urlscan 2.5 on my Server Win 2k(IIS5) and is there any more configuration required on it. to get the web server more secure from this kind of Vulnerabilities.
Thanks in advance..!
Thanks in advance..!
below is the evidence for the problem i am facing.
Basic auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Basic cTFraTk6ZDA5a2xt
No response from server
Try manually
NTLM auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAA
No response from server
Try manually
Basic auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Basic cTFraTk6ZDA5a2xt
No response from server
Try manually
NTLM auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAA
No response from server
Try manually
ok, then what to do with this failure have installed IIS lockdown tool on my server, will there any more configuration required..?
Sorry I didn't make my comment clear. I see nothing wrong with the 'problem' you described in http:#2409144 That is normal by design handshaking by a web server.
I tried to get more on iis lockdown tool to get my iis more secure can you give some more idea about iis lockdown tool....?
Featured Post
![[eBook] Windows Nano Server](https://filedb.experts-exchange.com/files/public/2017/6/24/1329f749-2f43-4bd1-8413-3b5b5ab33fc6.png)
Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
First of all, clustering IIS is something you should rarely consider doing.
In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
What is an ISAPI filter?
• It's an assembly (.dll file) that can add or change the way IIS works.
• They can be enabled globally for your web server or on a site-by-site basis.
When the IIS server receives a request, enabling the ISAPI fi…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster.
To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll
752 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.