Solved

Deleting default documentation on Exchange 2003/IIS6

Posted on 2011-09-15
2
225 Views
Last Modified: 2012-05-12
A recent external security audit turned up a few low priority items which I've been asked to correct.  I'm stuck on one of them which states:

(Low)  –  Default documentation was found installed with the HTTP daemon on device xxx.xxx.xxx.xxx.  Auditor recommends deleting all default documentation.

I'm not sure how to approach this one without breaking exchange/owa.  I can see the documentation tab under the default website properties for my exchange server running but I don't really know what they want me to do here.  The box for "Enable default content page" is checked and under it are several file names: iisstart.htm, Default.htm, Default.asp, index.htm, and Default.aspx.  I'm far from an IIS expert so would appreciate any guidance you could provide so this won't show up on the next audit.
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Expert Comment

by:Nenadic
ID: 36547780
Could you share some information on the type of audit that was done? I was particularly drawn to the term "daemon" which comes from the UNIX world, so the audit may not have been perfectly suited to Wintel environments.
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 36547789
What you are seeing is "default document" and not documentation. I guess also that the auditor is referring to the same thing


If you go to c:\inetpub\wwwroot you will a few files and folders.

assuming you have only owa running on this IIS move these to another location and keep wwwroot empty that should be enough for the auditor
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question