Link to home
Start Free TrialLog in
Avatar of sunhux
sunhux

asked on

Ways to scan an IIS if 'directory browsing' has been disabled

We have a finding from an external PT scan tt one website (IIS 7.0) has
directory browsing enabled & a few folders were listable.

Now that we've applied the fix below, I need a safe & easy way to
rescan without initiating the external PT scan (which I need a CR):
https://technet.microsoft.com/en-us/library/cc731109(v=ws.10).aspx

Do I need to get the ISP to whitelist my source IP for this 'stripped down'
scan for directory browsing?

The full external PT tests for many items.  If there's an online site that
allow me to do just this (without scanning for other items) & generate
a decent-looking report, do share,  thanks
Avatar of William Fulks
William Fulks
Flag of United States of America image

What do you mean by PT scan?
Avatar of sunhux
sunhux

ASKER

PT = Penetration Test
and the PT our vendor uses includes a full suite of items that it scan.

I just want to check/scan for the specific IIS listable/browseable folders  is still there
without going thru the full suite
ASKER CERTIFIED SOLUTION
Avatar of Dan McFadden
Dan McFadden
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial