Generally it should be removed from the NT/2K system prior to deployment. It gets a little tricky to *completely* remove it on 2k because of Windows File Protection, but there are a number of ways to defeat it.
IMHO, if your website requires POSIX support, it should probably be on a 'nix box anyway! :) -----Original Message----- From: Rj Subramanian [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 08, 2001 6:50 PM To: [EMAIL PROTECTED] Subject: RE: Location of web root Hey all, Directory traversals are one thing, but can anybody think of any reason why an attacker couldn't use the posix subsystem to navigate to whichever drive\partition\directory he or she wanted to test? Rj Subramanian Vanir MIS -----Original Message----- From: Renouf, Phillip [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 06, 2001 4:46 AM To: [EMAIL PROTECTED] Subject: RE: Location of web root The first major points about placing the wwwroot in a non-standard location is for the Directory Traversal exploit as you've brought up already. Many exploits will either rely on, or look for default settings like placing your websites in the c:\inetpub\wwwroot directory. The way that I generally set it up is to move the www and ftp roots to another drive, rename the wwwroot part to something else. I also acl the original inetpub directory so that only admin has access, remove the default virtual directories and move the log files off the C: drive. I've got two reasons for moving the logs: get them out of the standard directory and make sure they are on another drive so the log can't fill up the drive and bring the server down. Phil > OK Everyone, I need some help! > > I'm trying to articulate the reasons why it's better to place > the root of a > website on a separate partition, or at least in a separate > directory from > the application which uses IIS as a front-end...
