IIS Server Security - Where to find the denied requests for IIS 6

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > April 2005 > Where to find the denied requests for IIS 6





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Where to find the denied requests for IIS 6
Keith-Earl

2005-04-18, 7:54 am

We know that the std IIS logs contain the return codes of 401, 402, etc.,
but we are interested in the URLScan logs that were present in IIS 5 and
prior with the URLScan tool was setup.

I am told not to run URLScan or IIS Lockdown on an IIS 6 box because that
functionality is baked right into IIS 6. But where do I read the detail
results of a blocked request like I used to get with URLScan?

Many thanks,

Keith


Ken Schaefer

2005-04-18, 5:53 pm

Blocked requests (e.g. for disallowed webservice extensions) are logged into
the main IIS logfile.

Cheers
Ken

--
Blog: www.adopenstatic.com/cs/blogs/ken/
Web: www.adopenstatic.com

"Keith-Earl" <keith_NO_SPAM_HERE_rowe79@hotmail.com> wrote in message
news:%23DuwL3ARFHA.3076@TK2MSFTNGP14.phx.gbl...
: We know that the std IIS logs contain the return codes of 401, 402, etc.,
: but we are interested in the URLScan logs that were present in IIS 5 and
: prior with the URLScan tool was setup.
:
: I am told not to run URLScan or IIS Lockdown on an IIS 6 box because that
: functionality is baked right into IIS 6. But where do I read the detail
: results of a blocked request like I used to get with URLScan?
:
: Many thanks,
:
: Keith
:
:


Bernard

2005-04-19, 2:48 am

You still can deploy urlscan if it fits your requirement, refer
http://www.microsoft.com/technet/se...lscan.mspx#ECAA


--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/


"Keith-Earl" <keith_NO_SPAM_HERE_rowe79@hotmail.com> wrote in message
news:%23DuwL3ARFHA.3076@TK2MSFTNGP14.phx.gbl...
> We know that the std IIS logs contain the return codes of 401, 402, etc.,
> but we are interested in the URLScan logs that were present in IIS 5 and
> prior with the URLScan tool was setup.
>
> I am told not to run URLScan or IIS Lockdown on an IIS 6 box because that
> functionality is baked right into IIS 6. But where do I read the detail
> results of a blocked request like I used to get with URLScan?
>
> Many thanks,
>
> Keith
>


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com