ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.
One of a set of tools we're offering as a way to say thank you for being a part of the community.
IIS supports anonymous access, Basic, and Windows NT Challenge/Response (NTLM) authentication. The authentication mechanism in IIS could reveal the type of authentication in use to a remote attacker
Microsoft Internet Information Server (IIS) supports anonymous access, Basic, and Windows NT Challenge/Response (NTLM) authentication. The authentication mechanism in IIS could reveal the type of authentication in use to a remote attacker. A remote attacker can send a specially-crafted GET request to verify the authentication type in use, depending on the error message returned by the host.-How to remove these kind of Vulnerabilities from IIS
Asked:
-
9
7
1 Solution
If you want information on protecting web servers using firewalls or monitoring then I'd recommend you ask another more specific question in those sections.
Once again, use the IIS Lockdown Wizard and even the Microsoft Baseline Security Analyzer. There isn't a simple 'Click this' 'click that' answer for this. People have careers specializing in locking down web applications. I can't relay all that knowledge here.
http://www.iis.net/downloads/default.aspx?CategoryName=Microsoft&CategoryID=96&sort=modifieddate&direction=ascending&tabid=35&start=0&g=6
http://www.iis.net/downloads/default.aspx?CategoryName=Microsoft&CategoryID=96&sort=modifieddate&direction=ascending&tabid=35&start=0&g=6
hmm, I have installed both the tool on my server, let me try to give my best on it...
Thanks for the suggestion
Thanks for the suggestion
i have installed the iis lockdown with urlscan 2.5 on my Server Win 2k(IIS5) and is there any more configuration required on it. to get the web server more secure from this kind of Vulnerabilities.
Thanks in advance..!
Thanks in advance..!
below is the evidence for the problem i am facing.
Basic auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Basic cTFraTk6ZDA5a2xt
No response from server
Try manually
NTLM auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAA
No response from server
Try manually
Basic auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Basic cTFraTk6ZDA5a2xt
No response from server
Try manually
NTLM auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAA
No response from server
Try manually
ok, then what to do with this failure have installed IIS lockdown tool on my server, will there any more configuration required..?
Sorry I didn't make my comment clear. I see nothing wrong with the 'problem' you described in http:#2409144 That is normal by design handshaking by a web server.
I tried to get more on iis lockdown tool to get my iis more secure can you give some more idea about iis lockdown tool....?
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
You can't remove the GET request that asks for the authentication type. That is required for the browser to submit authentication. If you turn it off, only anonymous authentication will work.
You are better off using firewalls or monitoring software that detect malicious activity.