IIS 6 on Win 2003 hardening query?
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > Web Servers reviews > IIS server support > IIS Server Security > IIS 6 on Win 2003 hardening query?




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    IIS 6 on Win 2003 hardening query?  
Sunil Vakharia


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
06-26-04 03:16 PM

Hi,

For IIS 5 hardening, the following are some of the registry keys to be set:

 HKLM\System\CurrentControlSet\Services\H
TTP\Parameters
AllowRestrictedChars == 0
MaxFieldLength == 16384 bytes
UrlSegmentMaxLength == 260
UrlSegmentMaxCount == 255
---------------------------------------------------------------------
Are these registry settings required for IIS 6.0 ?

Regards,
Sunil




[ Post a follow-up to this message ]



    Re: IIS 6 on Win 2003 hardening query?  
David Wang [Msft]


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
06-26-04 03:16 PM

Nope, you don't need to set those registry values at all.

I do not know where you got the information that those registry keys are for
IIS5 Hardening.  That's incorrect.  Those registry keys only apply for IIS6
and are the default values.  They do not exist nor apply for IIS5.

Since they are the default values, I'd suggest that you do not bother with
setting them at all unless you know what you are doing.  The default values
are secure and already tradeoff functionality (i.e. people end up loosening
those values).

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Sunil Vakharia" <Sunil Vakharia@discussions.microsoft.com> wrote in message
news:9CF24CF3-31A7-4904-B3AB-F7B274F291E9@microsoft.com...
Hi,

For IIS 5 hardening, the following are some of the registry keys to be set:

 HKLM\System\CurrentControlSet\Services\H
TTP\Parameters
AllowRestrictedChars == 0
MaxFieldLength == 16384 bytes
UrlSegmentMaxLength == 260
UrlSegmentMaxCount == 255
---------------------------------------------------------------------
Are these registry settings required for IIS 6.0 ?

Regards,
Sunil




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 08:49 AM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register