IIS Lockdown Tool
Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? Jim Busick Database Network Analyst, MCSE Santee School District List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
Careful... http://support.microsoft.com/default.aspx?scid=kb;EN-US;q309508 William -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 12:30 PM To: MS-Exchange Admin Issues Subject: IIS Lockdown Tool Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? Jim Busick Database Network Analyst, MCSE Santee School District List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
It isn't advised. There is a Q article somewhere outlining specific steps to take if you want to go down that path. -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 12:30 PM To: MS-Exchange Admin Issues Subject: IIS Lockdown Tool Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? Jim Busick Database Network Analyst, MCSE Santee School District List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
Re: IIS Lockdown Tool
William, Is this the one that can hose OWA ? - Original Message - From: "Lefkovics, William" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 15:32 Subject: RE: IIS Lockdown Tool > Careful... > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q309508 > > William > > -Original Message- > From: Jim Busick [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:30 PM > To: MS-Exchange Admin Issues > Subject: IIS Lockdown Tool > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > Jim Busick > Database Network Analyst, MCSE > Santee School District > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
Don't tell anyone, but I hosed my OWA by installing IISLockdown and URLScan. Test server of course. -Original Message- From: David N. Precht [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 12:38 PM To: MS-Exchange Admin Issues Subject: Re: IIS Lockdown Tool William, Is this the one that can hose OWA ? - Original Message - From: "Lefkovics, William" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 15:32 Subject: RE: IIS Lockdown Tool > Careful... > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q309508 > > William > > -Original Message- > From: Jim Busick [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:30 PM > To: MS-Exchange Admin Issues > Subject: IIS Lockdown Tool > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > Jim Busick > Database Network Analyst, MCSE > Santee School District > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
This new version is supposed to be include templates for OWA 5.5, that's why I wanted to try it. > -Original Message- > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:30 PM > To: MS-Exchange Admin Issues > Subject: RE: IIS Lockdown Tool > > > It isn't advised. There is a Q article somewhere outlining > specific steps to > take if you want to go down that path. > > -Original Message- > From: Jim Busick [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:30 PM > To: MS-Exchange Admin Issues > Subject: IIS Lockdown Tool > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > Jim Busick > Database Network Analyst, MCSE > Santee School District > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
Was this the new version 2.1 of Lockdown? > -Original Message- > From: Lefkovics, William [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:38 PM > To: MS-Exchange Admin Issues > Subject: RE: IIS Lockdown Tool > > > Don't tell anyone, but I hosed my OWA by installing > IISLockdown and URLScan. > Test server of course. > > -Original Message- > From: David N. Precht [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:38 PM > To: MS-Exchange Admin Issues > Subject: Re: IIS Lockdown Tool > > > William, > Is this the one that can hose OWA ? > > > - Original Message - > From: "Lefkovics, William" <[EMAIL PROTECTED]> > To: "MS-Exchange Admin Issues" > <[EMAIL PROTECTED]> > Sent: Friday, December 14, 2001 15:32 > Subject: RE: IIS Lockdown Tool > > > > Careful... > > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q309508 > > > > William > > > > -----Original Message- > > From: Jim Busick [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 14, 2001 12:30 PM > > To: MS-Exchange Admin Issues > > Subject: IIS Lockdown Tool > > > > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > > > Jim Busick > > Database Network Analyst, MCSE > > Santee School District > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
Yes. I did install on a clients OWA box. BIG MISTAKE. Read the instructions carefully. (I didn't) Maybe the new one is better. I have not looked at it yet. Bob Fronk, MCSE President / Consultant BTR Technologies, Inc. Email: [EMAIL PROTECTED] Website: www.btrtech.com This new version is supposed to be include templates for OWA 5.5, that's why I wanted to try it. > -Original Message- > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:30 PM > To: MS-Exchange Admin Issues > Subject: RE: IIS Lockdown Tool > > > It isn't advised. There is a Q article somewhere outlining > specific steps to > take if you want to go down that path. > > -Original Message- > From: Jim Busick [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 12:30 PM > To: MS-Exchange Admin Issues > Subject: IIS Lockdown Tool > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > Jim Busick > Database Network Analyst, MCSE > Santee School District > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
:) -Original Message- From: David N. Precht [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 2:28 PM To: MS-Exchange Admin Issues Subject: Re: IIS Lockdown Tool Long day Martin... you know what I meant - Original Message - From: "Martin Blackstone" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 17:20 Subject: RE: IIS Lockdown Tool > You speaky good talk > > -Original Message- > From: David N. Precht [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 2:21 PM > To: MS-Exchange Admin Issues > Subject: Re: IIS Lockdown Tool > > > How damage was done? > > - Original Message - > From: "Bob Fronk (BTR Technologies, Inc)" <[EMAIL PROTECTED]> > To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> > Sent: Friday, December 14, 2001 17:16 > Subject: RE: IIS Lockdown Tool > > > > Yes. I did install on a clients OWA box. BIG MISTAKE. Read the > > instructions carefully. (I didn't) > > > > Maybe the new one is better. I have not looked at it yet. > > > > Bob Fronk, MCSE > > President / Consultant > > BTR Technologies, Inc. > > Email: [EMAIL PROTECTED] > > Website: www.btrtech.com > > > > > > > > > > This new version is supposed to be include templates for OWA 5.5, > > that's why I wanted to try it. > > > > > -Original Message- > > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 14, 2001 12:30 PM > > > To: MS-Exchange Admin Issues > > > Subject: RE: IIS Lockdown Tool > > > > > > > > > It isn't advised. There is a Q article somewhere outlining > > > specific steps to take if you want to go down that path. > > > > > > -Original Message- > > > From: Jim Busick [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 14, 2001 12:30 PM > > > To: MS-Exchange Admin Issues > > > Subject: IIS Lockdown Tool > > > > > > > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA > > > server? > > > > > > Jim Busick > > > Database Network Analyst, MCSE > > > Santee School District > > > > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
Hit send too quickly... I haven't tried version 2.1 of IISLockdown yet. The KB article was last updated Dec 3, so I think it still applies. I forget who asked about it... -Original Message- From: Lefkovics, William [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 2:27 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool Martin always gets to the *bottom* of these things. I haven't tried version 2.1 of IISLockdown yet. -Original Message- From: David N. Precht [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 2:28 PM To: MS-Exchange Admin Issues Subject: Re: IIS Lockdown Tool Long day Martin... you know what I meant - Original Message - From: "Martin Blackstone" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 17:20 Subject: RE: IIS Lockdown Tool > You speaky good talk > > -Original Message- > From: David N. Precht [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 2:21 PM > To: MS-Exchange Admin Issues > Subject: Re: IIS Lockdown Tool > > > How damage was done? > > - Original Message - > From: "Bob Fronk (BTR Technologies, Inc)" <[EMAIL PROTECTED]> > To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> > Sent: Friday, December 14, 2001 17:16 > Subject: RE: IIS Lockdown Tool > > > > Yes. I did install on a clients OWA box. BIG MISTAKE. Read the > > instructions carefully. (I didn't) > > > > Maybe the new one is better. I have not looked at it yet. > > > > Bob Fronk, MCSE > > President / Consultant > > BTR Technologies, Inc. > > Email: [EMAIL PROTECTED] > > Website: www.btrtech.com > > > > > > > > > > This new version is supposed to be include templates for OWA 5.5, > > that's why I wanted to try it. > > > > > -Original Message- > > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 14, 2001 12:30 PM > > > To: MS-Exchange Admin Issues > > > Subject: RE: IIS Lockdown Tool > > > > > > > > > It isn't advised. There is a Q article somewhere outlining > > > specific steps to > > > take if you want to go down that path. > > > > > > -Original Message- > > > From: Jim Busick [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 14, 2001 12:30 PM > > > To: MS-Exchange Admin Issues > > > Subject: IIS Lockdown Tool > > > > > > > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > > > > > Jim Busick > > > Database Network Analyst, MCSE > > > Santee School District > > > > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
No able access OWA. No able to fix. Do install again. Fix good. Just thought I would go along with the ribbing you were getting from the others. I applied the lockdown tool twice (accidentally) so I was unable to "undo" it. My stupid fault. But, MS could have provided a little better interface. (IMHO). Bob -Original Message- From: David N. Precht [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 5:21 PM To: MS-Exchange Admin Issues Subject: Re: IIS Lockdown Tool How damage was done? - Original Message - From: "Bob Fronk (BTR Technologies, Inc)" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 17:16 Subject: RE: IIS Lockdown Tool > Yes. I did install on a clients OWA box. BIG MISTAKE. Read the > instructions carefully. (I didn't) > > Maybe the new one is better. I have not looked at it yet. > > Bob Fronk, MCSE > President / Consultant > BTR Technologies, Inc. > Email: [EMAIL PROTECTED] > Website: www.btrtech.com > > > > > This new version is supposed to be include templates for OWA 5.5, that's > why > I wanted to try it. > > > -Original Message- > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 14, 2001 12:30 PM > > To: MS-Exchange Admin Issues > > Subject: RE: IIS Lockdown Tool > > > > > > It isn't advised. There is a Q article somewhere outlining > > specific steps to > > take if you want to go down that path. > > > > -Original Message- > > From: Jim Busick [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 14, 2001 12:30 PM > > To: MS-Exchange Admin Issues > > Subject: IIS Lockdown Tool > > > > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > > > Jim Busick > > Database Network Analyst, MCSE > > Santee School District > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
Oh...Not cool -Original Message- From: bfronk [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 18:51 To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool No able access OWA. No able to fix. Do install again. Fix good. Just thought I would go along with the ribbing you were getting from the others. I applied the lockdown tool twice (accidentally) so I was unable to "undo" it. My stupid fault. But, MS could have provided a little better interface. (IMHO). Bob -Original Message- From: David N. Precht [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 5:21 PM To: MS-Exchange Admin Issues Subject: Re: IIS Lockdown Tool How damage was done? - Original Message - From: "Bob Fronk (BTR Technologies, Inc)" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 17:16 Subject: RE: IIS Lockdown Tool > Yes. I did install on a clients OWA box. BIG MISTAKE. Read the > instructions carefully. (I didn't) > > Maybe the new one is better. I have not looked at it yet. > > Bob Fronk, MCSE > President / Consultant > BTR Technologies, Inc. > Email: [EMAIL PROTECTED] > Website: www.btrtech.com > > > > > This new version is supposed to be include templates for OWA 5.5, that's > why > I wanted to try it. > > > -Original Message- > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 14, 2001 12:30 PM > > To: MS-Exchange Admin Issues > > Subject: RE: IIS Lockdown Tool > > > > > > It isn't advised. There is a Q article somewhere outlining > > specific steps to > > take if you want to go down that path. > > > > -Original Message- > > From: Jim Busick [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 14, 2001 12:30 PM > > To: MS-Exchange Admin Issues > > Subject: IIS Lockdown Tool > > > > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA server? > > > > Jim Busick > > Database Network Analyst, MCSE > > Santee School District > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool
I've used the new version. Used the Exchange 2000 OWA template, didn't bother with URLScan, and all was fine and dandy. The uninstall even works, too! Neil -Original Message- From: Lefkovics, William [mailto:[EMAIL PROTECTED]] Posted At: 14 December 2001 22:29 Posted To: Sunbelt Exchange List Conversation: IIS Lockdown Tool Subject: RE: IIS Lockdown Tool Hit send too quickly... I haven't tried version 2.1 of IISLockdown yet. The KB article was last updated Dec 3, so I think it still applies. I forget who asked about it... -Original Message- From: Lefkovics, William [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 2:27 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool Martin always gets to the *bottom* of these things. I haven't tried version 2.1 of IISLockdown yet. -Original Message- From: David N. Precht [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 2:28 PM To: MS-Exchange Admin Issues Subject: Re: IIS Lockdown Tool Long day Martin... you know what I meant - Original Message - From: "Martin Blackstone" <[EMAIL PROTECTED]> To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 17:20 Subject: RE: IIS Lockdown Tool > You speaky good talk > > -Original Message- > From: David N. Precht [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 14, 2001 2:21 PM > To: MS-Exchange Admin Issues > Subject: Re: IIS Lockdown Tool > > > How damage was done? > > - Original Message - > From: "Bob Fronk (BTR Technologies, Inc)" <[EMAIL PROTECTED]> > To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]> > Sent: Friday, December 14, 2001 17:16 > Subject: RE: IIS Lockdown Tool > > > > Yes. I did install on a clients OWA box. BIG MISTAKE. Read the > > instructions carefully. (I didn't) > > > > Maybe the new one is better. I have not looked at it yet. > > > > Bob Fronk, MCSE > > President / Consultant > > BTR Technologies, Inc. > > Email: [EMAIL PROTECTED] > > Website: www.btrtech.com > > > > > > > > > > This new version is supposed to be include templates for OWA 5.5, > > that's why I wanted to try it. > > > > > -Original Message- > > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 14, 2001 12:30 PM > > > To: MS-Exchange Admin Issues > > > Subject: RE: IIS Lockdown Tool > > > > > > > > > It isn't advised. There is a Q article somewhere outlining > > > specific steps to take if you want to go down that path. > > > > > > -Original Message- > > > From: Jim Busick [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 14, 2001 12:30 PM > > > To: MS-Exchange Admin Issues > > > Subject: IIS Lockdown Tool > > > > > > > > > Has anyone tried putting IIS Lockdown Tool v2.1 on their OWA > > > server? > > > > > > Jim Busick > > > Database Network Analyst, MCSE > > > Santee School District > > > > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > > > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm ** This eMail and any files transmitted with it are confidential and intended solely for the use of the individual to whom it is addressed. Any view or opinions presented are solely those of the author and do not necessarily represent those of Silversands or any of its subsidiary companies. If you have received this eMail in error please contact the Support Desk Immediately by telephone on 01202-36 or on eMail at [EMAIL PROTECTED] ** List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
IIS Lockdown Tool v2.1
Title: RE: Troubleshooting NDR messages I was wondering if anybody tried new version of IIS Lockdown tool yet and if there're any issues with OWA or any other Exchange components. From what I've seen, it now comes bundled with URLScan and has pre-built configuration schemes for OWA on both Exchange5.5 and 2000. Please post your findings.. Can be downloaded here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/locktool.asp List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Title: Message It worked on 5.5 test box for me -Original Message-From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 10:54 AMTo: MS-Exchange Admin IssuesSubject: IIS Lockdown Tool v2.1 I was wondering if anybody tried new version of IIS Lockdown tool yet and if there're any issues with OWA or any other Exchange components. From what I've seen, it now comes bundled with URLScan and has pre-built configuration schemes for OWA on both Exchange5.5 and 2000. Please post your findings.. Can be downloaded here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/locktool.aspList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Title: Message
Did you take
default "OWA for Exchange5.5" configuration?
I was wondering if
URLScan will mess up HTTPS access to OWA?
From what I've
seen so far it only does method/keyword filtering and not the protocol/port
itself..
Dimitri
-Original Message-From: Martin Blackstone
[mailto:[EMAIL PROTECTED]]Sent: Thursday, December 27,
2001 2:11 PMTo: MS-Exchange Admin IssuesSubject: RE: IIS
Lockdown Tool v2.1
It worked on
5.5 test box for me
-Original Message-From: Dimitri Limanovski
[mailto:[EMAIL PROTECTED]] Sent: Thursday, December
27, 2001 10:54 AMTo: MS-Exchange Admin IssuesSubject:
IIS Lockdown Tool v2.1
I was
wondering if anybody tried new version of IIS Lockdown tool yet and if
there're any issues with OWA or any other Exchange
components.
From what I've
seen, it now comes bundled with URLScan and has pre-built configuration
schemes for OWA on both Exchange5.5 and 2000.
Please post
your findings..
Can be
downloaded here:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/locktool.aspList
Charter and FAQ
at:http://www.sunbelt-software.com/exchange_list_charter.htmList
Charter and FAQ
at:http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Title: Message Yes I didand I use SSL too. -Original Message-From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 11:18 AMTo: MS-Exchange Admin IssuesSubject: RE: IIS Lockdown Tool v2.1 Did you take default "OWA for Exchange5.5" configuration? I was wondering if URLScan will mess up HTTPS access to OWA? From what I've seen so far it only does method/keyword filtering and not the protocol/port itself.. Dimitri -Original Message-From: Martin Blackstone [mailto:[EMAIL PROTECTED]]Sent: Thursday, December 27, 2001 2:11 PMTo: MS-Exchange Admin IssuesSubject: RE: IIS Lockdown Tool v2.1 It worked on 5.5 test box for me -Original Message-From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 10:54 AMTo: MS-Exchange Admin IssuesSubject: IIS Lockdown Tool v2.1 I was wondering if anybody tried new version of IIS Lockdown tool yet and if there're any issues with OWA or any other Exchange components. From what I've seen, it now comes bundled with URLScan and has pre-built configuration schemes for OWA on both Exchange5.5 and 2000. Please post your findings.. Can be downloaded here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/locktool.aspList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htmList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htmList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Title: Message Has anyone seen, or does anyone have a suggestion as to why my OWA replies add an http 404 error to the body of the message I am replying to instead of the message text. (see below) note: This message sent via OWA Thanks AlV -Original Message- From: Dimitri Limanovski Sent: Thu 12/27/2001 2:17 PM To: MS-Exchange Admin Issues Cc: Subject: RE: IIS Lockdown Tool v2.1 The page cannot be found The page you are looking for might have been removed, had its name changed, or is temporarily unavailable. Please try the following: If you typed the page address in the Address bar, make sure that it is spelled correctly. Open the home page, and then look for links to the information you want. Click the Back button to try another link. HTTP 404 - File not foundInternet Information Services Technical Information (for support personnel) More information:Microsoft Support List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Title: Message It looks like they finally got it right. I have now run it on a web server and an OWA server with no problems. -Original Message-From: Martin Blackstone Sent: Thursday, December 27, 2001 11:28 AMTo: MS-Exchange Admin IssuesSubject: RE: IIS Lockdown Tool v2.1 Yes I didand I use SSL too. -Original Message-From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 11:18 AMTo: MS-Exchange Admin IssuesSubject: RE: IIS Lockdown Tool v2.1 Did you take default "OWA for Exchange5.5" configuration? I was wondering if URLScan will mess up HTTPS access to OWA? From what I've seen so far it only does method/keyword filtering and not the protocol/port itself.. Dimitri -Original Message-From: Martin Blackstone [mailto:[EMAIL PROTECTED]]Sent: Thursday, December 27, 2001 2:11 PMTo: MS-Exchange Admin IssuesSubject: RE: IIS Lockdown Tool v2.1 It worked on 5.5 test box for me -Original Message-From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 10:54 AMTo: MS-Exchange Admin IssuesSubject: IIS Lockdown Tool v2.1 I was wondering if anybody tried new version of IIS Lockdown tool yet and if there're any issues with OWA or any other Exchange components. From what I've seen, it now comes bundled with URLScan and has pre-built configuration schemes for OWA on both Exchange5.5 and 2000. Please post your findings.. Can be downloaded here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/locktool.aspList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htmList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htmList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htmList Charter and FAQ at:http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Looks good to me too. I never touched URLScan before though. How do you modify its settings? Or do you just leave it alone? I checked the log file and it shows that it blocks requests for certain file types, but I was wondering how you change those types, or if I should just rerun IIS Lockdown and it'll change it accordingly? -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 3:52 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 It looks like they finally got it right. I have now run it on a web server and an OWA server with no problems. -Original Message- From: Martin Blackstone Sent: Thursday, December 27, 2001 11:28 AM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Yes I didand I use SSL too. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
I dunno -Original Message- From: Allen Crawford [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:04 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Looks good to me too. I never touched URLScan before though. How do you modify its settings? Or do you just leave it alone? I checked the log file and it shows that it blocks requests for certain file types, but I was wondering how you change those types, or if I should just rerun IIS Lockdown and it'll change it accordingly? -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 3:52 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 It looks like they finally got it right. I have now run it on a web server and an OWA server with no problems. -Original Message- From: Martin Blackstone Sent: Thursday, December 27, 2001 11:28 AM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Yes I didand I use SSL too. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
URLScan runs in the %systemroot%\system32\inetsrv\urlscan directory. Look for urlscan.txt which outlines how to modify the urlscan.ini file. I know there are some templates for using OWA and ESM with URLScan but their location escapes me at the moment. Hope this helps. Regards, Kevin Loney -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:07 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 I dunno -Original Message- From: Allen Crawford [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:04 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Looks good to me too. I never touched URLScan before though. How do you modify its settings? Or do you just leave it alone? I checked the log file and it shows that it blocks requests for certain file types, but I was wondering how you change those types, or if I should just rerun IIS Lockdown and it'll change it accordingly? -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 3:52 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 It looks like they finally got it right. I have now run it on a web server and an OWA server with no problems. -Original Message- From: Martin Blackstone Sent: Thursday, December 27, 2001 11:28 AM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Yes I didand I use SSL too. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Kev, if you could find these templates I would be greatful! I set it up by trial and error, failing it, and checking the logs. But, I am still getting intermittent failures that are being a bitch to track! I wouldn't mind to see if I actually have it set up right. Thanks, jlc -Original Message- From: Kevin Loney [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 2:57 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 URLScan runs in the %systemroot%\system32\inetsrv\urlscan directory. Look for urlscan.txt which outlines how to modify the urlscan.ini file. I know there are some templates for using OWA and ESM with URLScan but their location escapes me at the moment. Hope this helps. Regards, Kevin Loney -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:07 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 I dunno -Original Message- From: Allen Crawford [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:04 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Looks good to me too. I never touched URLScan before though. How do you modify its settings? Or do you just leave it alone? I checked the log file and it shows that it blocks requests for certain file types, but I was wondering how you change those types, or if I should just rerun IIS Lockdown and it'll change it accordingly? -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 3:52 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 It looks like they finally got it right. I have now run it on a web server and an OWA server with no problems. -Original Message- From: Martin Blackstone Sent: Thursday, December 27, 2001 11:28 AM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Yes I didand I use SSL too. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: IIS Lockdown Tool v2.1
Here are a few MS articles regarding IIS Lockdown and URLScan w/ OWA: Q309508 Q309677 Hope these help out! Regards, Kevin -Original Message- From: Joe L. Casale [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 7:54 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Kev, if you could find these templates I would be greatful! I set it up by trial and error, failing it, and checking the logs. But, I am still getting intermittent failures that are being a bitch to track! I wouldn't mind to see if I actually have it set up right. Thanks, jlc -Original Message- From: Kevin Loney [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 2:57 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 URLScan runs in the %systemroot%\system32\inetsrv\urlscan directory. Look for urlscan.txt which outlines how to modify the urlscan.ini file. I know there are some templates for using OWA and ESM with URLScan but their location escapes me at the moment. Hope this helps. Regards, Kevin Loney -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:07 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 I dunno -Original Message- From: Allen Crawford [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:04 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Looks good to me too. I never touched URLScan before though. How do you modify its settings? Or do you just leave it alone? I checked the log file and it shows that it blocks requests for certain file types, but I was wondering how you change those types, or if I should just rerun IIS Lockdown and it'll change it accordingly? -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 3:52 PM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 It looks like they finally got it right. I have now run it on a web server and an OWA server with no problems. -Original Message- From: Martin Blackstone Sent: Thursday, December 27, 2001 11:28 AM To: MS-Exchange Admin Issues Subject: RE: IIS Lockdown Tool v2.1 Yes I didand I use SSL too. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
New IIS Lockdown tool from Microsoft
I have not had the chance to try it but here goes nothing http://www.microsoft.com/technet/itsolutions/security/tools/locktool.asp What it does; 1. Creates two new groups, Web Anonymous Users and Web Applications, puts the IUSR and IWAM accounts in them respectively, then sets an ACE more than enough executables to specifically deny any access to those files. Good job. 2. Disables WebDAV. Good job. 3. Provides a new .dll, called 404.dll, that is implemented with all (or some) ISAPI filter script mappings. This provides a 404 response to any request for such a file. Probably the best we could expect since its impossible to tell IIS to not allow the re-implementation of a given script type (i.e. you can't prevent it from re-implementing .ida, but if its already mapped to a .dll you're not likely to overwrite the existing mapping). So so job. I haven't checked yet whether 404.dll is added to the WFC dllcache, I sure hope so. 4. Removes sample files. About time. 5. Removes the \scripts and \msadc *virtual* directories (the actual directories themselves, and their contents, are left intact). The directories should have been removed as well. 6. Explicitly denies the IUSR account write access to the contents of the INETPUB directory. Unfortunately it does this using a DACE, which NT 4.0 cannot handle, so on NT 4.0 systems you won't be able to view any security information about these modified files after the tool is run. W2K systems don't have this problem. Guess this is just another example of how MS seems to have forgotten how many NT 4.0 systems are out there, or figure that no Novices run NT 4.0? List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
Re: New IIS Lockdown tool from Microsoft
Thanks Russ. If you're gonna cut and paste a quote from someone, you should give 'em some sort of credit... > I have not had the chance to try it but here goes nothing > > http://www.microsoft.com/technet/itsolutions/security/tools/locktool.asp > > What it does; > > 1. Creates two new groups, Web Anonymous Users and Web Applications, > puts the IUSR and IWAM accounts in them respectively, then sets an > ACE more than enough executables to specifically deny any access to > those files. Good job. > > 2. Disables WebDAV. Good job. > > 3. Provides a new .dll, called 404.dll, that is implemented with all > (or some) ISAPI filter script mappings. This provides a 404 response > to any request for such a file. Probably the best we could expect > since its impossible to tell IIS to not allow the re-implementation > of a given script type (i.e. you can't prevent it from > re-implementing .ida, but if its already mapped to a .dll you're not > likely to overwrite the existing mapping). So so job. I haven't > checked yet whether 404.dll is added to the WFC dllcache, I sure hope > so. > > 4. Removes sample files. About time. > > 5. Removes the \scripts and \msadc *virtual* directories (the actual > directories themselves, and their contents, are left intact). The > directories should have been removed as well. > > 6. Explicitly denies the IUSR account write access to the contents of > the INETPUB directory. Unfortunately it does this using a DACE, which > NT 4.0 cannot handle, so on NT 4.0 systems you won't be able to view > any security information about these modified files after the tool is > run. W2K systems don't have this problem. Guess this is just another > example of how MS seems to have forgotten how many NT 4.0 systems are > out there, or figure that no Novices run NT 4.0? List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: New IIS Lockdown tool from Microsoft
My apologies to every one especially Russ, I thought (being in a rush, of course) that I left most of the email intact, but no . I guess it is not my day ! -Original Message- From: Steve Norton [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 19:51 To: MS-Exchange Admin Issues Subject: Re: New IIS Lockdown tool from Microsoft Thanks Russ. If you're gonna cut and paste a quote from someone, you should give 'em some sort of credit... > I have not had the chance to try it but here goes nothing > > http://www.microsoft.com/technet/itsolutions/security/tools/locktool.asp > > What it does; > > 1. Creates two new groups, Web Anonymous Users and Web Applications, > puts the IUSR and IWAM accounts in them respectively, then sets an > ACE more than enough executables to specifically deny any access to > those files. Good job. > > 2. Disables WebDAV. Good job. > > 3. Provides a new .dll, called 404.dll, that is implemented with all > (or some) ISAPI filter script mappings. This provides a 404 response > to any request for such a file. Probably the best we could expect > since its impossible to tell IIS to not allow the re-implementation > of a given script type (i.e. you can't prevent it from > re-implementing .ida, but if its already mapped to a .dll you're not > likely to overwrite the existing mapping). So so job. I haven't > checked yet whether 404.dll is added to the WFC dllcache, I sure hope > so. > > 4. Removes sample files. About time. > > 5. Removes the \scripts and \msadc *virtual* directories (the actual > directories themselves, and their contents, are left intact). The > directories should have been removed as well. > > 6. Explicitly denies the IUSR account write access to the contents of > the INETPUB directory. Unfortunately it does this using a DACE, which > NT 4.0 cannot handle, so on NT 4.0 systems you won't be able to view > any security information about these modified files after the tool is > run. W2K systems don't have this problem. Guess this is just another > example of how MS seems to have forgotten how many NT 4.0 systems are > out there, or figure that no Novices run NT 4.0? List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
FW: Do not use IIS lockdown tool
FYI ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of tech forum Sent: Wednesday, September 19, 2001 18:29 To: Exchange Discussions Subject: Do not use IIS lockdown tool Microsoft PSS told me the IIS lockdown tool should not be used on a Exchagne 2000 Server. The Exchagne guru at Microsoft looked at what the tool did. He found that because of Exchange 2000 reliance on IIS 5, the tool distrupts Exchange. I asked him if Microsoft are gong to let people know and he said he would speak to his supervisors about letting people know. We used the undo feature and the virtual servers reset to an old IP. Under Exchange System Manager, server, protocols, virtual servers it still said all the IP were the correct IPs. We went to the IIS metabase and all the old info had been reset by the IIS lockdown tools, undo feature. To my knowledge Microsoft still have not released the info they told me. Nathan _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
