|
Home > Archive > IIS Server Security > December 2004 > IIS Anonymous User
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS Anonymous User
|
|
|
| I have a DNS server. In the windows security log, the anonymous user
(IUSR_<server name> ) is recorded as logging on/off numerous times each
day...at all hours of the day and night. These logons do not coincide
with anything I see in the IIS log.
Not knowing a whole lot about IIS, is this normal activity? The only
function of this server is DNS, is it even necessary to have the IIS
service running (both web and ftp currently are). Will configuring IIS
to not accept anonymous logons affect anything a DNS server requires
to function?
Thanks in advance for advice or recommendations.
| |
| Jeff Cochran 2004-12-03, 6:10 pm |
| On 3 Dec 2004 06:39:28 -0800, cjj3520@aol.com (JCM) wrote:
>The only
>function of this server is DNS, is it even necessary to have the IIS
>service running (both web and ftp currently are).
If you only run DNS, only have DNS on the server. Remove IIS and FTP.
Possibly your log findings are related to your anonymous FTP having
been compromised and running a WaReZ server.
Jeff
| |
| cjj3520@aol.com 2004-12-06, 7:47 am |
|
Thanks Jeff. I should have mentioned in my earlier post that the ftp
service is not running, just the web service. Also, our users access
their email accounts via the internet to our Notes server. Could this
(IIS) be the means by which they accomplish this? Thank you.
Jeff Cochran wrote:
> On 3 Dec 2004 06:39:28 -0800, cjj3520@aol.com (JCM) wrote:
>
>
> If you only run DNS, only have DNS on the server. Remove IIS and
FTP.
> Possibly your log findings are related to your anonymous FTP having
> been compromised and running a WaReZ server.
>
> Jeff
|
|
|
|
|