Solved

Deleting default documentation on Exchange 2003/IIS6

Posted on 2011-09-15
2
221 Views
Last Modified: 2012-05-12
A recent external security audit turned up a few low priority items which I've been asked to correct.  I'm stuck on one of them which states:

(Low)  –  Default documentation was found installed with the HTTP daemon on device xxx.xxx.xxx.xxx.  Auditor recommends deleting all default documentation.

I'm not sure how to approach this one without breaking exchange/owa.  I can see the documentation tab under the default website properties for my exchange server running but I don't really know what they want me to do here.  The box for "Enable default content page" is checked and under it are several file names: iisstart.htm, Default.htm, Default.asp, index.htm, and Default.aspx.  I'm far from an IIS expert so would appreciate any guidance you could provide so this won't show up on the next audit.
0
Comment
Question by:First Last
2 Comments
 
LVL 12

Expert Comment

by:Nenadic
ID: 36547780
Could you share some information on the type of audit that was done? I was particularly drawn to the term "daemon" which comes from the UNIX world, so the audit may not have been perfectly suited to Wintel environments.
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 36547789
What you are seeing is "default document" and not documentation. I guess also that the auditor is referring to the same thing


If you go to c:\inetpub\wwwroot you will a few files and folders.

assuming you have only owa running on this IIS move these to another location and keep wwwroot empty that should be enough for the auditor
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now