Another IIS Blog
-
Tricking Rapid Fail Protection
If an attacker or a piece of poorly written code can crash an IIS worker process, you might face a Denial-of-Service condition. IIS would spawn a new worker process, which crashes again as soon as it executes the vulnerable code. Spawning processes is a pretty expensive operation on Windows, and constantly trying to start new worker processes might bring your web server to a halt. That's why the Rapid Fail Protection feature was introduced in IIS6.
-
Quo Vadis AccessFlags?
When IIS is configured as an Application Server, it executes scripts like ASP and ASP.NET, CGI programs and other dynamic content. But in other scenarios IIS is supposed to allow only the download of static content like HTML pages, music or video files. With the accessFlags setting in IIS 6.0, administrators were able to lock down the IIS execution permissions to prevent dynamic content from executing.
-
Achtung! IIS7 Preconditions
<add name="AXD-ISAPI-2.0" path="*.axd" verb="GET,HEAD,POST" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-
Filtering IIS7 Events in the new Eventlog
The new Event Viewer in Vista allows you to specify a view file that filters the events that are shown in the Event Viewer. Here is a link to the view that will show only IIS7 eventlog entries in the System and Application log. Hope this is useful.
-
IIS7 Logparser Gadget
Bill sent me an e-mail on Saturday announcing that he wrote his first Windows Sidebar Gadget. It allows him to start PerfMon or other arbitrary programs from the Windows Sidebar.