sunhux
asked on
Ways to scan an IIS if 'directory browsing' has been disabled
We have a finding from an external PT scan tt one website (IIS 7.0) has
directory browsing enabled & a few folders were listable.
Now that we've applied the fix below, I need a safe & easy way to
rescan without initiating the external PT scan (which I need a CR):
https://technet.microsoft.com/en-us/library/cc731109(v=ws.10).aspx
Do I need to get the ISP to whitelist my source IP for this 'stripped down'
scan for directory browsing?
The full external PT tests for many items. If there's an online site that
allow me to do just this (without scanning for other items) & generate
a decent-looking report, do share, thanks
directory browsing enabled & a few folders were listable.
Now that we've applied the fix below, I need a safe & easy way to
rescan without initiating the external PT scan (which I need a CR):
https://technet.microsoft.com/en-us/library/cc731109(v=ws.10).aspx
Do I need to get the ISP to whitelist my source IP for this 'stripped down'
scan for directory browsing?
The full external PT tests for many items. If there's an online site that
allow me to do just this (without scanning for other items) & generate
a decent-looking report, do share, thanks
What do you mean by PT scan?
ASKER
PT = Penetration Test
and the PT our vendor uses includes a full suite of items that it scan.
I just want to check/scan for the specific IIS listable/browseable folders is still there
without going thru the full suite
and the PT our vendor uses includes a full suite of items that it scan.
I just want to check/scan for the specific IIS listable/browseable folders is still there
without going thru the full suite
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.