IIS Server Security - http trace method

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > October 2006 > http trace method





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author http trace method
AG

2006-10-13, 7:44 pm

I had a security audit, and following was found:
"http trace method enabled"
Could somebody explain to me how to remediate this and what consequences if
any i might have. Thank you.
Bernard Cheah [MVP]

2006-10-16, 1:35 am

You on IIS 5 ? by default IIS 6.0 - trace is disabled.
For IIS 5 or etc. Get urlscan to block it.

--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/


"AG" <AG@discussions.microsoft.com> wrote in message
news:D20B4051-1A96-4EA6-B75B-BB11DC411997@microsoft.com...
>I had a security audit, and following was found:
> "http trace method enabled"
> Could somebody explain to me how to remediate this and what consequences
> if
> any i might have. Thank you.


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com