08-28-04 07:48 AM
iislockd.exe is not supported on Windows Server 2003 nor should it be run on
IIS6.
I'm surprised you managed to run iislockd.exe -- When I run iislockd.exe on
IIS6 and Windows Server 2003, it immediately displays an error message and
will not continue.
Are you sure you ran a legitimate iislockd.exe binary? If you say that you
successfully locked down IIS6 with an iislockd.exe that worked, then I
suspect you ran a trojan.
BTW, IIS6 does not listen on port 80 -- HTTP.SYS listens on port 80. All
IIS6 does is register with HTTP.SYS to deliver inbound requests from certain
IP:Port:Host bindings to its w3wp.exe to be executed. Also, inetinfo.exe
merely contains the metabase (IIS in-memory Configuration) and does not load
any user code. The W3SVC service is also a separate entity inside its own
svchost.exe that does not load any user code, so it is always running.
w3wp.exe is what loads user code and executes HTTP requests.
In a functioning webserver, svchost.exe containing W3SVC service,
inetinfo.exe containing IISADMIN service, any number of w3wp.exe, and
HTTP.SYS kernel driver (controlled via the HTTP service) are all running.
Thus, it is possible for you to have IISADMIN started but not HTTP, thus
inetinfo.exe is running but since HTTP.SYS is not, port80 is not open.
Or, maybe your server has already been hacked by a trojan iislockd.exe, so
you shouldn't believe what any port scan tells you.
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Dean Durant" <anonymous@discussions.microsoft.com> wrote in message
news:09d901c48c3b$65aea540$a401280a@phx.gbl...
Hello, I locked down IIS 6 with the iislockd.exe tool and
now it won't start. inetinfo is running as a process,
but a port scan shows that port 80 is not open, and I
can't administer the server. Windows says the service
cannot be started. Uninstalling and reinstalling IIS does
not help. I can't re-image this server. Does anyone have
any ideas? Thanks
[ Post a follow-up to this message ]
| 
