|
Home > Archive > IIS Server Security > June 2005 > http trace
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| GQuitugua 2005-06-13, 5:52 pm |
| I'm trying to secure the "http trace" vulnerability on my web server (xforce
article 11149). I have applied url scan and disabled the appropriate verbs.
My question is, I'd like to test it to ensure that in fact tracing is
disabled. Is there a command I can issue against my web server to test this
or some way I can check the status?
Regards,
George Quitugua
| |
| Bernard Cheah [MVP] 2005-06-13, 8:48 pm |
| Related to this ?
http://msmvps.com/bernard/archive/2003/12/30/1359.aspx
You can do a manual telnet to port 80 and issue the command, or you can try
wfetch
HOW TO: Use Wfetch.exe to Troubleshoot HTTP Connections
http://support.microsoft.com/?id=284285
--
Regards,
Bernard Cheah
http://www.microsoft.com/iis/
http://www.iiswebcastseries.com/
http://www.msmvps.com/bernard/
"GQuitugua" <GQuitugua@discussions.microsoft.com> wrote in message
news:A0CCB1AA-9954-4E2C-8CED-53965E42709C@microsoft.com...
> I'm trying to secure the "http trace" vulnerability on my web server
> (xforce
> article 11149). I have applied url scan and disabled the appropriate
> verbs.
> My question is, I'd like to test it to ensure that in fact tracing is
> disabled. Is there a command I can issue against my web server to test
> this
> or some way I can check the status?
>
> Regards,
>
> George Quitugua
|
|
|
|
|