Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

IIS 7 reveals internal IP address - appcmd.exe help [PCI scan / PEN testing failure]

Posted on 2014-10-21
4
Medium Priority
?
1,434 Views
Last Modified: 2014-11-01
Hi experts
I have a Exchange 2010 server which has failed a PCI compliance scan during PEN testing.
I need to apply the fix detailed below, which uses appcmd.exe.  I have little knowledge of IIS.
http://blogs.msdn.com/b/mike/archive/2008/11/18/removing-an-iis-server-s-ip-address-from-http-
responses.aspx

suggested cmd is:
appcmd.exe set config -section:system.webServer/serverRuntime /alternateHostName:"myServer"  /commit:apphost

Before I run this cmd I want to find out if my server has an existing alternateHostName and if so what it is.  This is essentially because I want to be able to return be install to it current state in the event this fix causes side effects.

How can I use appcmd.exe [supply code] to find the alternateHostName?
0
Comment
Question by:fieldj
  • 3
4 Comments
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 40394517
there are no known side effects of using that fix other than passing your pci text
0
 

Author Comment

by:fieldj
ID: 40394938
Thanks David
Do you know how can I use appcmd.exe [supply code] to find the alternateHostName?
0
 

Accepted Solution

by:
fieldj earned 0 total points
ID: 40406097
I ran the following cmd to backup my IIS config
C:\Windows\System32\inetsrv>appcmd.exe add backup "My Backup Name"
You can confirm this with
C:\Windows\System32\inetsrv>appcmd.exe list backups
And restore if need be
C:\Windows\System32\inetsrv>appcmd.exe restore backup "My Backup Name"

Then I ran the cmd
C:\Windows\System32\inetsrv>appcmd.exe set config "Default Web Site" -section:sy
stem.webServer/serverRuntime /enabled:"True"  /commit:apphost

Followed by the cmd in the posted article
C:\Windows\System32\inetsrv>appcmd.exe set config -section:system.webServer/serv
erRuntime /alternateHostName:"ServerName"  /commit:apphost
0
 

Author Closing Comment

by:fieldj
ID: 40416973
best answer of the responses
0

Featured Post

[Webinar] Cloud Security

In this webinar you will learn:

-Why existing firewall and DMZ architectures are not suited for securing cloud applications
-How to make your enterprise “Cloud Ready”, and fix your aging DMZ architecture
-How to transform your enterprise and become a Cloud Enabler

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question