To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.
Course Of The Month
2 days, 2 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
IIS supports anonymous access, Basic, and Windows NT Challenge/Response (NTLM) authentication. The authentication mechanism in IIS could reveal the type of authentication in use to a remote attacker
Posted on 2009-04-03
Microsoft Internet Information Server (IIS) supports anonymous access, Basic, and Windows NT Challenge/Response (NTLM) authentication. The authentication mechanism in IIS could reveal the type of authentication in use to a remote attacker. A remote attacker can send a specially-crafted GET request to verify the authentication type in use, depending on the error message returned by the host.-How to remove these kind of Vulnerabilities from IIS
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
9
7
16 Comments
Have you tried the IIS lockdown wizard?
You can't remove the GET request that asks for the authentication type. That is required for the browser to submit authentication. If you turn it off, only anonymous authentication will work.
You are better off using firewalls or monitoring software that detect malicious activity.
You can't remove the GET request that asks for the authentication type. That is required for the browser to submit authentication. If you turn it off, only anonymous authentication will work.
You are better off using firewalls or monitoring software that detect malicious activity.
If you want information on protecting web servers using firewalls or monitoring then I'd recommend you ask another more specific question in those sections.
Once again, use the IIS Lockdown Wizard and even the Microsoft Baseline Security Analyzer. There isn't a simple 'Click this' 'click that' answer for this. People have careers specializing in locking down web applications. I can't relay all that knowledge here.
http://www.iis.net/downloads/default.aspx?CategoryName=Microsoft&CategoryID=96&sort=modifieddate&direction=ascending&tabid=35&start=0&g=6
http://www.iis.net/downloads/default.aspx?CategoryName=Microsoft&CategoryID=96&sort=modifieddate&direction=ascending&tabid=35&start=0&g=6
hmm, I have installed both the tool on my server, let me try to give my best on it...
Thanks for the suggestion
Thanks for the suggestion
i have installed the iis lockdown with urlscan 2.5 on my Server Win 2k(IIS5) and is there any more configuration required on it. to get the web server more secure from this kind of Vulnerabilities.
Thanks in advance..!
Thanks in advance..!
below is the evidence for the problem i am facing.
Basic auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Basic cTFraTk6ZDA5a2xt
No response from server
Try manually
NTLM auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAA
No response from server
Try manually
Basic auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Basic cTFraTk6ZDA5a2xt
No response from server
Try manually
NTLM auth
GET / HTTP/1.1
Host: 192.168.1.15
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAA
No response from server
Try manually
ok, then what to do with this failure have installed IIS lockdown tool on my server, will there any more configuration required..?
Sorry I didn't make my comment clear. I see nothing wrong with the 'problem' you described in http:#2409144 That is normal by design handshaking by a web server.
I tried to get more on iis lockdown tool to get my iis more secure can you give some more idea about iis lockdown tool....?
Featured Post
Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Today I came across an interesting issue that had me pulling my hair out. I was troubleshooting a new internal web site which uses integrated security instead of anonymous. When browsing the site from my laptop, I was able to access it with no iss…
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have.
In this…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month2 days, 2 hours left to enroll
717 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.