Hello,
I have a document I've built over the years about securing IIS/5,
with regards to permissions, etc right down to the file level. This often
works, except when I get that pesky ASP engine involved. I'm sick of
HTTP/500 errors! I know for a fact the error is with file permissions, but
I can't pin-point which file(s) are causing it. I've had the dllhost.exe
keep getting "ACCESS DENIED" (Using NTFileMon from sysinternals.com) on
C:\winnt\system32\<some_file> but...the permissions on that
file/folder/whatever are IUSR/IWAM/SYSTEM (RWX).
Bottom line, does anyone have a definitive "baseline IIS/5 w/ASP"
security document done I could look over? Just curious - dying to know what
I'm missing.
I have a document I've built over the years about securing IIS/5,
with regards to permissions, etc right down to the file level. This often
works, except when I get that pesky ASP engine involved. I'm sick of
HTTP/500 errors! I know for a fact the error is with file permissions, but
I can't pin-point which file(s) are causing it. I've had the dllhost.exe
keep getting "ACCESS DENIED" (Using NTFileMon from sysinternals.com) on
C:\winnt\system32\<some_file> but...the permissions on that
file/folder/whatever are IUSR/IWAM/SYSTEM (RWX).
Bottom line, does anyone have a definitive "baseline IIS/5 w/ASP"
security document done I could look over? Just curious - dying to know what
I'm missing.
?Ralph
[ reply ]