http://www.sqlmag.com/authors/author/author/5193335/rsscomment/5193335en-USFri, 25 May 2012 10:51:50 GMTFri, 25 May 2012 10:51:50 GMThttp://www.sqlmag.com/article/registry2/the-time_wait-state-s-effect-on-iis-performance#commentsAnchorTue, 07 Dec 2010 04:02:02 GMT
Hi,
I have situation and I would like to find out if it is a problem or not.

A .NET client application makes 2000 short simultaneous or iterative connections to a web service.
The client is using a simple SoapHttpClientProtocol.
The Keep-Alive setting on the IIS is set to False (There is a reason for this)
The entire process takes 15 sec.

Afterwards when I’m checking the open tcp connection on the IIS (by using netstat) I can see 2000 tcp:80 connections in status TIME_WAIT.

Is this a problem?
Will it prevent additional web requests until these are freed up?]]>Alon LeibovichTue, 07 Dec 2010 04:02:02 GMThttp://www.sqlmag.com/article/registry2/the-time_wait-state-s-effect-on-iis-performance#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorSat, 24 Jul 2010 17:08:44 GMT
Thanks for your insight and straight-forward, no-nonsense, so fluff, clear and concise writing style - so much easier to follow and interpret than over-rated, over-stated techno-speak!

My added questions are:

Is it really necessary to have "authenticated users" or users as groups on a small [less than 10 user] network?

Would it be more secure to create a custom group that memics the attributes / permissions of "authenticated users", but make an obscure name that would not be looked for by the "uninvited guest?

How would one go about making a global modification to permissions to remove undesired groups, eg,"everyone" or "users", replacing them with either "authenticated users", or a custom group name as above?

Your comments and recommendations are appreciated,

m]]>LinWin1Sat, 24 Jul 2010 17:08:44 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/deployment/get-started-with-microsoft-s-online-services#commentsAnchorWed, 28 Jan 2009 16:19:58 GMT
Thanks Bret for giiving an intro to these Microsoft Services. It’s another example of the "Works with what you have " concept. Although connectivity cannot be assured for business locations, we have that problem everywhere. If a truck hits a wire hub in a street in LA , then all the businesses are affected anyway and their T1 lines go down. So the fact that the Internet connection cannot be 24/7 is not really an objection to the Software Plus Services concept. While reading I though to myself that we once has the buzzword of Diskless Workstations. But Softare Plus Services allows us to have Deskless Workstations. Thanks for writing this.]]>CURTWed, 28 Jan 2009 16:19:58 GMThttp://www.sqlmag.com/article/deployment/get-started-with-microsoft-s-online-services#commentsAnchorhttp://www.sqlmag.com/article/deployment/get-started-with-microsoft-s-online-services#commentsAnchorMon, 26 Jan 2009 17:51:20 GMT
Good NFO TY.]]>CoryMon, 26 Jan 2009 17:51:20 GMThttp://www.sqlmag.com/article/deployment/get-started-with-microsoft-s-online-services#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorFri, 29 Aug 2008 11:48:49 GMT
Performed the opns as advised. Got error msg : Updating Applications: Name: IIS Out-Of-Process Pooled Applications Key: {3D14228D-FBE1-11D0-995D-00C04 FD919C1} Error: 80110414: *********************** IIS was operational before but could not host any sites, thought problem was DCOM. Any idea why it failed? Thanks! Attempting start... Start attempt failed. IIS Admin Service is disabled]]>ZaiFri, 29 Aug 2008 11:48:49 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorWed, 16 Apr 2008 07:48:18 GMT
So many fail at reading comprehension.]]>Chadipatrick Wed, 16 Apr 2008 07:48:18 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorSat, 19 Jan 2008 01:43:35 GMT
I also think there is something incorrect about this article. In the MS KB article 143474, it says that null session connections are considered ANONYMOUS LOGON users. This article says that null session connections are part of the Users group, which means ANONYMOUS LOGON is part of the Users group. I really don’t think ANONYMOUS LOGON is part of the Users group. I have seen numerous MS documentation say that as of XP SP2, ANONYMOUS LOGON is no longer part of the Everyone group. If it had also been part of the Users group, they would have also mentioned the Users group in addition to the Everyone group.]]>sparSat, 19 Jan 2008 01:43:35 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorFri, 26 Oct 2007 16:51:11 GMT
I’m confused by this statement: "The inclusion of null connections in User group membership represents a security problem" Does this imply that a ’null’ connection is considered a member of the ’Users’ group? After reading the linked-to documents, it appears ’null’ connections are used to enumerate shared network resources. This ability is configurable from the registry. I could not find mention of ’null’ connections being associated with the ’Users’ group. Nowhere did the articles indicate that a ’null’ connection was a member of, or equivalent to a member of the ’Users’ group. Instead, it appears the only security context that includes ’null’ connections is the ’Everyone’ group, as this association is mentioned several times in the document "Local System Account and Null Sessions in Windows NT" specifically: When this context is used to access the network, a null session is used. This produces the following context on remote computers: Default Owner: Everyone User: Everyone Groups: AnonymousLogon, Network It appears the main aspect of the ’Authenticated Users’ group is that it differs from the ’Everyone’ in that it does not allow ’null’ connections. Thus, I assume that the above quoted sentence should instead read: "The inclusion of null connections in ’Everyone’ group membership represents a security problem" notice the ’Everyone’ in place of ’Users’. also: The user ’Guest’, when logged on, is a member of both ’Everyone’ and ’Authenticated Users’, as the guest account, is indeed ’authenticated’. Accordingly, users in the ’Guests’ group, when logged on, are also considered members of ’Everyone’ and ’Authenticated users’ see the bottom of the page at: http://technet.microsoft.com/en-us/library/bb726982.aspx regarding this.]]>HunterFri, 26 Oct 2007 16:51:11 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/systems-administrator/disabling-socket-pooling-to-let-another-service-use-port-80#commentsAnchorThu, 07 Jun 2007 04:39:18 GMT
question was for windows server 2003, not for windows server 2000]]>alexxxnThu, 07 Jun 2007 04:39:18 GMThttp://www.sqlmag.com/article/systems-administrator/disabling-socket-pooling-to-let-another-service-use-port-80#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorFri, 11 May 2007 20:54:03 GMT
Fantastically simple, such an obvious oversight on Microsoft’s behalf...thanks to this user community for another great solution!]]>MichaelFri, 11 May 2007 20:54:03 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorThu, 22 Feb 2007 19:19:50 GMT
That was a great way to check those passwords. I never knew about that. Mine accidentally got changes then my ISAPI apps that send e-mail, send soap, request XML web services quit working.]]>SteveThu, 22 Feb 2007 19:19:50 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/dns/iis-informant-configuring-port-53-for-smtp-in-iis-5-0#commentsAnchorThu, 06 Jul 2006 21:18:47 GMT
I was also gettting this error; I added the IP address of the exchange server under smtp server properties --> Delivery --> Advanced -- Configure and now everything’s lovely.]]>heyThu, 06 Jul 2006 21:18:47 GMThttp://www.sqlmag.com/article/dns/iis-informant-configuring-port-53-for-smtp-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorSat, 20 May 2006 13:27:01 GMT
[url=http://www.arcon5.com/modules.php?name=News&file=article&sid=242]Microsoft page supports Firefox but not IE[/url] LOL Are Microsoft complete idiots? Maybe they should change their slogan!... Any comedians out there that can think of a **** take slogan? If somebody can suggest a really funny one, i may put it on my website (with a link to your blog/website if you have one :D)]]>tomSat, 20 May 2006 13:27:01 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/windows-client/iis-7-0-paves-the-way-to-webgeek-nirvana#commentsAnchorFri, 05 May 2006 06:56:11 GMT
how do you backup in accpac system 5.3A using the database of SQL 2005 server.]]>MulengaFri, 05 May 2006 06:56:11 GMThttp://www.sqlmag.com/article/windows-client/iis-7-0-paves-the-way-to-webgeek-nirvana#commentsAnchorhttp://www.sqlmag.com/article/security/other-browser-not-up-top-par-with-ie#commentsAnchorWed, 07 Sep 2005 03:08:04 GMT
http://www.securityfocus.com/archive/1/379207 "(...)although it did take a longer while for it to give up - three hours - (impressive by comparison to competitors), it eventually did: http://lcamtuf.coredump.cx/mangleme/gallery/ie_die1.html Tested on 6.0.2800.1106, dies in mshtml.dll. This is a NULL pointer dereference, so merely a DoS condition, but still an evident flaw in basic HTML parsing. ****************************************************************** * This means that VIRTUALLY EVERY BROWSER IN USE TODAY is unable * * to securely render HTML. Keeping in mind that not only web * * browsing, but also integrated e-mail is at risk, it is a grim * * thought. * ******************************************************************]]>Anonymous User Wed, 07 Sep 2005 03:08:04 GMThttp://www.sqlmag.com/article/security/other-browser-not-up-top-par-with-ie#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorThu, 18 Aug 2005 22:23:51 GMT
Awesome! Most helpfull post ive read in a while! saved me a few missing heair. Thanks muchly]]>Anonymous User Thu, 18 Aug 2005 22:23:51 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorTue, 16 Aug 2005 09:16:11 GMT
Very simple]]>Anonymous User Tue, 16 Aug 2005 09:16:11 GMThttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorhttp://www.sqlmag.com/article/permissions/iis-101-the-basics-of-iis-authentication#commentsAnchorMon, 15 Aug 2005 14:45:43 GMT
good]]>Anonymous User Mon, 15 Aug 2005 14:45:43 GMThttp://www.sqlmag.com/article/permissions/iis-101-the-basics-of-iis-authentication#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorSun, 07 Aug 2005 17:34:55 GMT
good article]]>Anonymous User Sun, 07 Aug 2005 17:34:55 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorSat, 06 Aug 2005 07:55:18 GMT
Extremely useful! Thanks for the wonderful tip!]]>Anonymous User Sat, 06 Aug 2005 07:55:18 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorThu, 04 Aug 2005 11:30:10 GMT
you can workaround this problem... just use apache web server and problem fixed the parent paths should be disabled in IIS because bad security design, apache dont have this (and many other) problems ]]>Anonymous User Thu, 04 Aug 2005 11:30:10 GMThttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorTue, 02 Aug 2005 07:52:42 GMT
Worked great to solve the following error: DCOM got error "Logon failure: the user has not been granted the requested logon type at this computer. " and was unable to logon . On W2K, IIS 5.0, used info in Microsoft article Q255770 to re-enter this password in Component Services for IWAM_servername account.]]>Anonymous User Tue, 02 Aug 2005 07:52:42 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorTue, 19 Jul 2005 14:50:41 GMT
Your article is informative but, being a programmer, I am inclined to agree with Alan. Restricting portability is completely shattering to any application. Foe example, the last peice of software I developed used relative paths, yet the majority of my clients could not run it because they had parent paths disabled. They now HAVE to upload the application to a certain directory, which is not always possible. I am really hoping I can find a work around for this problem. Regards.]]>Anonymous User Tue, 19 Jul 2005 14:50:41 GMThttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorWed, 13 Jul 2005 01:48:53 GMT
Thanks, solved my problem. ]]>Anonymous User Wed, 13 Jul 2005 01:48:53 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/domains2/preventing-iis-from-prompting-for-user-credentials#commentsAnchorThu, 16 Jun 2005 00:29:48 GMT
Fabulous, Thanks for your help and describing topic so nicely and deeply. Mohit]]>Anonymous User Thu, 16 Jun 2005 00:29:48 GMThttp://www.sqlmag.com/article/domains2/preventing-iis-from-prompting-for-user-credentials#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorFri, 10 Jun 2005 13:09:44 GMT
Very helpful!]]>Anonymous User Fri, 10 Jun 2005 13:09:44 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorThu, 02 Jun 2005 07:00:07 GMT
Every time i select the mapped drive to use as my virtual Directory I get a red error icon and a access denie massage. jpino@nomadicstudio.com]]>Anonymous User Thu, 02 Jun 2005 07:00:07 GMThttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorhttp://www.sqlmag.com/article/internet/iis-informant-ensuring-that-all-your-web-sites-return-detailed-asp-error-messages#commentsAnchorWed, 01 Jun 2005 20:56:33 GMT
Well done - clear and concise]]>Anonymous User Wed, 01 Jun 2005 20:56:33 GMThttp://www.sqlmag.com/article/internet/iis-informant-ensuring-that-all-your-web-sites-return-detailed-asp-error-messages#commentsAnchorhttp://www.sqlmag.com/article/security/wifi-security-article#commentsAnchorWed, 01 Jun 2005 08:39:29 GMT
There is now a free tool for blocking freeloaders from using your WIFI zone for web surfing. Works on Win2K and XP machines. You can download it at http://www.myWIFIzone.com]]>Anonymous User Wed, 01 Jun 2005 08:39:29 GMThttp://www.sqlmag.com/article/security/wifi-security-article#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorTue, 31 May 2005 04:44:01 GMT
Look at this post in Google groups: "IIS doesn’t display ASP pages, COM+ damaged" if you have problems runing "synciwam.vbs -v" Link: http://groups-beta.google.com/group/ microsoft.public.windowsxp.general/browse_thread/ thread/ 5b4b9872a8c5052f/87d89f6c3174d566? q=IIS+doesn%27t+display+ASP+pages,+COM%2B+damaged&rnum=1&hl=en#87d89f6c3174d566]]>Anonymous User Tue, 31 May 2005 04:44:01 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/microsoft-certificate-services/using-ctls-to-restrict-web-site-access#commentsAnchorSun, 22 May 2005 05:57:56 GMT
To the Point!]]>AustinSun, 22 May 2005 05:57:56 GMThttp://www.sqlmag.com/article/microsoft-certificate-services/using-ctls-to-restrict-web-site-access#commentsAnchorhttp://www.sqlmag.com/article/ip-addressing/iis-informant-ip-address-restrictions#commentsAnchorFri, 20 May 2005 10:48:15 GMT
I’m receving the same error but on a Windows 2003 server running IIS 6. Another wrinkle is that it only affects certain users. ]]>ChuckFri, 20 May 2005 10:48:15 GMThttp://www.sqlmag.com/article/ip-addressing/iis-informant-ip-address-restrictions#commentsAnchorhttp://www.sqlmag.com/article/performance/iis-101-the-basics-of-performance-tuning#commentsAnchorThu, 19 May 2005 22:31:58 GMT
USEFUL ]]>Anonymous User Thu, 19 May 2005 22:31:58 GMThttp://www.sqlmag.com/article/performance/iis-101-the-basics-of-performance-tuning#commentsAnchorhttp://www.sqlmag.com/article/security/apache-more-secure-#commentsAnchorThu, 19 May 2005 09:09:32 GMT
Hey, did that same student get access to source code for windows products to see any security holes there?]]>BubbaThu, 19 May 2005 09:09:32 GMThttp://www.sqlmag.com/article/security/apache-more-secure-#commentsAnchorhttp://www.sqlmag.com/article/active-directory-service-interfaces-adsi/iis-informant15599#commentsAnchorTue, 10 May 2005 03:25:00 GMT
zxcvxczvzxcvxzcvxzcvxcv]]>Anonymous User Tue, 10 May 2005 03:25:00 GMThttp://www.sqlmag.com/article/active-directory-service-interfaces-adsi/iis-informant15599#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorSat, 07 May 2005 04:53:58 GMT
According to the Users and Passwords dialog in Windows 2000: "Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted". This might answer the previous poster’s comment: if you have a user which is a member of Guests, but not "Guest", it will have the same access as a User. Only the "Guest" account itself would not be considered "Authenticated".]]>Anonymous User Sat, 07 May 2005 04:53:58 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorThu, 05 May 2005 06:10:27 GMT
pass 3 shoud be: cscript.exe c:\inetpub\adminscripts\adsutil.vbs set w3svc/wamuserpass "newpassword"]]>Anonymous User Thu, 05 May 2005 06:10:27 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/ftp/iis-informant15834#commentsAnchorThu, 05 May 2005 03:20:00 GMT
We’ve succesfully installed our IIS on Windows 2003 with the Extension. How can we forward emails which are sent to our domain (webmaster@mydomain.com) to blabla@anywhere.com? (until now we only can forward emails to other emailaddresses of our own domain..)]]>Anonymous User Thu, 05 May 2005 03:20:00 GMThttp://www.sqlmag.com/article/ftp/iis-informant15834#commentsAnchorhttp://www.sqlmag.com/article/active-directory-service-interfaces-adsi/iis-informant15599#commentsAnchorMon, 02 May 2005 17:32:07 GMT
Not secure, I decoded that thing easily]]>Anonymous User Mon, 02 May 2005 17:32:07 GMThttp://www.sqlmag.com/article/active-directory-service-interfaces-adsi/iis-informant15599#commentsAnchorhttp://www.sqlmag.com/article/development/iis-informant-using-web-folders-with-webdav#commentsAnchorWed, 27 Apr 2005 04:27:17 GMT
Dont use port number as webdav run on 80]]>Anonymous User Wed, 27 Apr 2005 04:27:17 GMThttp://www.sqlmag.com/article/development/iis-informant-using-web-folders-with-webdav#commentsAnchorhttp://www.sqlmag.com/article/windows-2000/setting-iis-to-restart-when-insufficient-memory-is-available#commentsAnchorThu, 21 Apr 2005 14:17:38 GMT
Who is the author of this article? ]]>Anonymous User Thu, 21 Apr 2005 14:17:38 GMThttp://www.sqlmag.com/article/windows-2000/setting-iis-to-restart-when-insufficient-memory-is-available#commentsAnchorhttp://www.sqlmag.com/article/ftp/iis-informant15834#commentsAnchorWed, 20 Apr 2005 22:33:11 GMT
hello, my iis server can not connect to local host. It is on win 2000 advanced server, I have installed and reinstalled iis many time?]]>Anonymous User Wed, 20 Apr 2005 22:33:11 GMThttp://www.sqlmag.com/article/ftp/iis-informant15834#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorSat, 26 Mar 2005 05:45:31 GMT
Great article, Found it very helpfull]]>Anonymous User Sat, 26 Mar 2005 05:45:31 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/activex/iis-informant20430#commentsAnchorFri, 25 Mar 2005 02:45:20 GMT
How can I force a new login? For security reasons, I want the SSL session to expire after some time and have the user enter login credentials again. I would expect this to be a server side setting but I couldn’t find it anywhere... plukasse at cordys dot com]]>Anonymous User Fri, 25 Mar 2005 02:45:20 GMThttp://www.sqlmag.com/article/activex/iis-informant20430#commentsAnchorhttp://www.sqlmag.com/article/activex/iis-informant20430#commentsAnchorFri, 25 Mar 2005 02:39:43 GMT
How can I force a new login? For security reasons, I want the SSL session to expire after some time and have the user enter login credentials again. I would expect this to be a server side setting but I couldn’t find it anywhere...]]>Anonymous User Fri, 25 Mar 2005 02:39:43 GMThttp://www.sqlmag.com/article/activex/iis-informant20430#commentsAnchorhttp://www.sqlmag.com/article/certificates/enabling-ssl-on-your-site#commentsAnchorTue, 22 Mar 2005 11:45:07 GMT
The best i found!]]>Anonymous User Tue, 22 Mar 2005 11:45:07 GMThttp://www.sqlmag.com/article/certificates/enabling-ssl-on-your-site#commentsAnchorhttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorThu, 03 Mar 2005 13:05:25 GMT
It is more than just being able to upload malicious scripts, though. By traversing parent directories and coupling those results and their corresponding HTML error codes/pages with known files on webserver software, an attacker can easily discern much information about your server. Once it knows exactly what you’re running, they’ve already got one foot in the door and will be at a much better vantage point for a more successful and harder-to-detect attack. ~Michael]]>Anonymous User Thu, 03 Mar 2005 13:05:25 GMThttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorhttp://www.sqlmag.com/article/security/hacking-pda-s-trend-micro-free-pda-virus-scanner#commentsAnchorSat, 26 Feb 2005 07:06:15 GMT
"we" first mistake, ICF is our savior and protection? Second mistake, nearly any bumpkin in the security field will tell you that the windows firewall is a joke when it comes to security. as most microsoft "security messures" are. need we remind people of the hard core login security that win9X supplied? while i will admit MS has gotten better at it. they still are dogging it in the security field. p.s. many pda’s now adays are using linux :) and netbsd can run on almost anything :)]]>Anonymous User Sat, 26 Feb 2005 07:06:15 GMThttp://www.sqlmag.com/article/security/hacking-pda-s-trend-micro-free-pda-virus-scanner#commentsAnchorhttp://www.sqlmag.com/article/ip-addressing/iis-informant-ip-address-restrictions#commentsAnchorTue, 08 Feb 2005 20:58:37 GMT
Thanks!]]>Anonymous User Tue, 08 Feb 2005 20:58:37 GMThttp://www.sqlmag.com/article/ip-addressing/iis-informant-ip-address-restrictions#commentsAnchorhttp://www.sqlmag.com/article/scripting/scheduling-iis-restarts#commentsAnchorWed, 26 Jan 2005 12:02:01 GMT
The tool you mentioned below is what I need but I couldn’t find using the link. "the IIS 5.0 Process Recycling Tool (IIS5Recycle) also lets you configure an IIS reset at set intervals as well as after a set number of GET requests or when available memory becomes low. You can download IIS5Recycle at http://www.microsoft.com/downloads/release.asp?releaseid=31106." ]]>Anonymous User Wed, 26 Jan 2005 12:02:01 GMThttp://www.sqlmag.com/article/scripting/scheduling-iis-restarts#commentsAnchorhttp://www.sqlmag.com/article/security/apache-more-secure-#commentsAnchorWed, 26 Jan 2005 11:27:01 GMT
I agree an uninformed admin is just as likely to deploy an insecure apache server. And I did indeed enjoy checking out the flaws the students found. After all, if you’re not open to new info you won’t learn anything. That said though, the link is not an ad for IIS on Windows either: First slide : "Research area: How can we build a secure UNIX system? (Vastly more difficult: How can we build a secure Windows system? Attackers have more ways to break into windows compters.)" ]]>Anonymous User Wed, 26 Jan 2005 11:27:01 GMThttp://www.sqlmag.com/article/security/apache-more-secure-#commentsAnchorhttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorWed, 26 Jan 2005 06:12:01 GMT
how can i password this direcory so a web user is prompted for a user name & password?]]>Anonymous User Wed, 26 Jan 2005 06:12:01 GMThttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorhttp://www.sqlmag.com/article/security/other-browser-not-up-top-par-with-ie#commentsAnchorTue, 25 Jan 2005 08:17:20 GMT
What are you smoking, Brett? Or are you touting MSIE because you’re a hijacker? Or is Micro$soft paying you to spew FUD? Or maybe you’re just not as smart as you’d like us to believe.]]>Anonymous User Tue, 25 Jan 2005 08:17:20 GMThttp://www.sqlmag.com/article/security/other-browser-not-up-top-par-with-ie#commentsAnchorhttp://www.sqlmag.com/article/certificates/enabling-ssl-on-your-site#commentsAnchorWed, 19 Jan 2005 17:07:37 GMT
I had the same problem. Getting "Cannot find server" so I went through all the steps and found one thing that was not listed. One cannot access the server through https if the "Run www service in IIS 5.0 isolation mode". is checked.]]>Anonymous User Wed, 19 Jan 2005 17:07:37 GMThttp://www.sqlmag.com/article/certificates/enabling-ssl-on-your-site#commentsAnchorhttp://www.sqlmag.com/article/metabase/iis-informant-creating-web-folders-in-windows-xp#commentsAnchorSun, 09 Jan 2005 09:06:45 GMT
I need a new repair folder for windows xp home edition]]>Anonymous User Sun, 09 Jan 2005 09:06:45 GMThttp://www.sqlmag.com/article/metabase/iis-informant-creating-web-folders-in-windows-xp#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorTue, 28 Dec 2004 21:12:24 GMT
Everytime I try to launch my AD-Aware to scan for viruses theres an error box that says DCOM serverprocess launcher has terminated unexpectedly and theres a timer that makes my PC restart this has happend several times how do I fix it (I dont know PC language either) ]]>Anonymous User Tue, 28 Dec 2004 21:12:24 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorTue, 28 Dec 2004 21:12:24 GMT
Everytime I try to launch my AD-Aware to scan for viruses theres an error box that says DCOM serverprocess launcher has terminated unexpectedly and theres a timer that makes my PC restart this has happend several times how do I fix it (I dont know PC language either) ]]>Anonymous User Tue, 28 Dec 2004 21:12:24 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/security/hacking-pda-s-trend-micro-free-pda-virus-scanner#commentsAnchorSat, 18 Dec 2004 13:43:00 GMT
Heck yeah. No doubt we are heading toward a wireless convergence. That acutally, it seems, supports my point. New protocols means new problems as well as new capabilites. My only point is that the companies making these products, Microsoft included (for the OS side) are not paying enough attention to security features as they are pretty much absent.]]>BrettHill-IISMVPSat, 18 Dec 2004 13:43:00 GMThttp://www.sqlmag.com/article/security/hacking-pda-s-trend-micro-free-pda-virus-scanner#commentsAnchorhttp://www.sqlmag.com/article/security/hacking-pda-s-trend-micro-free-pda-virus-scanner#commentsAnchorFri, 17 Dec 2004 16:09:30 GMT
"No, i totally disagree. i mean, look... wireless internet is replacing cable dsl and copper so fast the evdo hsdpa wimax and other protocols will just completely change the need for the products out there now... here... take a look at some prerelease evdo video phone at http://video-phones-evdo.com and http://wireless-internet-broadband-service.com ]]>Anonymous User Fri, 17 Dec 2004 16:09:30 GMThttp://www.sqlmag.com/article/security/hacking-pda-s-trend-micro-free-pda-virus-scanner#commentsAnchorhttp://www.sqlmag.com/article/security/google-exposes-information-from-insecure-sites#commentsAnchorFri, 17 Dec 2004 15:14:52 GMT
. . 8. Recycle some older hardware and load up a free version of one of the many, much more secure Linux OS’s and run Apache. ]]>Anonymous User Fri, 17 Dec 2004 15:14:52 GMThttp://www.sqlmag.com/article/security/google-exposes-information-from-insecure-sites#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorFri, 17 Dec 2004 05:16:25 GMT
I think the statemant that Guests are not member of "Authenticated User is not quite correct, because If I have a user which is only member of Guests and not member of users Group and Authenticated users have the local permission to access the computer from network, this user can connect. If I delete the Authenticated user frm this right, the connection is not possible.]]>Anonymous User Fri, 17 Dec 2004 05:16:25 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/dns/iis-informant-configuring-port-53-for-smtp-in-iis-5-0#commentsAnchorMon, 13 Dec 2004 16:16:14 GMT
Actually Tim’s mixed the value up. The Data-value 0 is UDP with TCP failover, and 2 is UDP only.]]>Anonymous User Mon, 13 Dec 2004 16:16:14 GMThttp://www.sqlmag.com/article/dns/iis-informant-configuring-port-53-for-smtp-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/security/comments-on-firefox-thread-comments#commentsAnchorMon, 06 Dec 2004 08:08:39 GMT
ya ya ya firefoxxxxxx roxors !!!!]]>Anonymous User Mon, 06 Dec 2004 08:08:39 GMThttp://www.sqlmag.com/article/security/comments-on-firefox-thread-comments#commentsAnchorhttp://www.sqlmag.com/article/permissions/iis-informant-clarifying-inaccurate-information-about-anonymous-authentication#commentsAnchorThu, 02 Dec 2004 13:44:19 GMT
The information in the original post is not complete, and therefore not entirely accurate. If the server is configured to allow anonymous access, but does *not* allow IIS to manually synchronize passwords, anonymous login attempts will, in fact, be recorded as *local* login attempts. Conversely, if IIS does perform automatic password synchronization ("Allow IIS to control password" is checked on the Anonymous User Account dialog from the WWW Service Master/Directory Security dialog), then the authentication will be performed by a special IIS subauthentication DLL (IISSubA.dll). Authentication handled by subauthentication DLL’s are reported as *network* logins, and thus do *not* require Log On Locally privs, but *do* require "Access This Computer from the Network" privs. The facts explaining this situation can be reviewed in detail at http://support.microsoft.com/kb/218756/EN-US/ -David Whitney unchecked@cox.net ]]>Anonymous User Thu, 02 Dec 2004 13:44:19 GMThttp://www.sqlmag.com/article/permissions/iis-informant-clarifying-inaccurate-information-about-anonymous-authentication#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorWed, 01 Dec 2004 14:22:40 GMT
It seems that everyone who uses FireFox cannot spell or use proper punctuation. Must be the idiot’s browser. Well, I agree that IE does not conform to standards. When I lay a web page out, I make sure it looks good in FireFox because I know if it looks good there it will look good in any browser.]]>Anonymous User Wed, 01 Dec 2004 14:22:40 GMThttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 01 Dec 2004 14:21:43 GMT
It seems that everyone who uses FireFox cannot spell or use proper punctuation. Must be the idiot’s browser. Well, I agree that IE does not conform to W3C standards. When I lay a web page out, I make sure it looks good in FireFox because I know if it looks good there it will look good in any browser.]]>Anonymous User Wed, 01 Dec 2004 14:21:43 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorMon, 29 Nov 2004 13:42:33 GMT
The independent test authorities (ITAs) are only engaged to test what is required by the FEC standards (in this case, the old VSS1990 standards). Penetration testing in the context of those standards is NOT REQUIRED for standalone DRE systems. These systems are NOT connected to a network. The election management system (EMS) was NOT being tested in the 1990 standards. That changed in the VSS2002 standards. So the ITA is not some evil/stupid/lame/badguy here, they can only enforce the standards. Blackboxvoting fails to understand this, or chooses to ignore it. ]]>Anonymous User Mon, 29 Nov 2004 13:42:33 GMThttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorMon, 29 Nov 2004 05:52:35 GMT
i tell all my friends about this site, it coolies! fiiirefox forever, more comments pls]]>Anonymous User Mon, 29 Nov 2004 05:52:35 GMThttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorMon, 29 Nov 2004 05:47:41 GMT
yay youre so right, ie is for tards, im a pro designer for my uncles photos online, css roxors and no one in ie can see the sight right!]]>Anonymous User Mon, 29 Nov 2004 05:47:41 GMThttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorSun, 28 Nov 2004 16:28:09 GMT
you do hav a choice on using IE or not if you didint then microsoft would have a monopoly and they dont, if microsoft cant seem to keep there products (IE) up to date and folowing the standards than they shoud give the project to some one else who can keep IE following the standards really they have a obligation to keep IE upto date seeing as to how the majority of people use it. I as a web developer HATE IE it takes the XHTML standards and throus them out the window, to make a web page 100% perfect in IE is to make a page that dose not follow any of the standards that govern all the other browsers out there]]>Anonymous User Sun, 28 Nov 2004 16:28:09 GMThttp://www.sqlmag.com/article/security/firefox-thread-comments#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorSun, 28 Nov 2004 15:12:25 GMT
You all suck]]>Anonymous User Sun, 28 Nov 2004 15:12:25 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorSat, 27 Nov 2004 00:34:57 GMT
But MS doesn’t change the standard sound design reasons, they change it either to gain market dominence by breaking competing products or to allow developers to do stuff easily with wanton disregard for security.]]>Anonymous User Sat, 27 Nov 2004 00:34:57 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/systems-administrator/forcing-iis-to-display-custom-error-messages#commentsAnchorFri, 26 Nov 2004 04:04:39 GMT
Using the above method, if the filename.html is not correct, it will work. But if the folder name in the URL is not correct it is showing the Default error message "404 Object Not Found"]]>Anonymous User Fri, 26 Nov 2004 04:04:39 GMThttp://www.sqlmag.com/article/systems-administrator/forcing-iis-to-display-custom-error-messages#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 24 Nov 2004 21:51:16 GMT
CORRECTION- Comparison]]>Anonymous User Wed, 24 Nov 2004 21:51:16 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 24 Nov 2004 21:41:11 GMT
don’t remember the author but there is a saying guys - "Monopolies are like children no one likes them until they have one of there own" and about Ford changing its tow bars no comparasion cause Ford gets insentive for adhering to standards vs MS adhering to a rather small market share - Yes MS is concerned about open source and they should be but with such a large share, they (MS) can hold its own ]]>Anonymous User Wed, 24 Nov 2004 21:41:11 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 24 Nov 2004 20:25:59 GMT
Sorry, but you are completely wrong. The web was buildt on open standards, and open standards are the only way you can grow global services. When MS tried to push their MSN service instead of the internet it went nowwhere. The US mobile telephone business is 5-10 years behind Europe and east Asia, and this is because all the operators tried to preserve their own "standard". A standard is not made by a company, it is agreed upon and open. When you allow someone to dictate a "standard", things deteriorate.]]>Anonymous User Wed, 24 Nov 2004 20:25:59 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 24 Nov 2004 14:18:26 GMT
"Say you owned a company that made 98% of all the doodads in the world and you wanted to make a thinngy that interracted with doodad so to make that work better you added some stuff to the doodad." Sounds a lot like "illegal maintenance and extension" of the companies monopoly...]]>Anonymous User Wed, 24 Nov 2004 14:18:26 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 24 Nov 2004 13:16:10 GMT
Would car buyers accept that the biggest car manufacturer suddenly had its own "extensions" to the tow bar for caravans and it meant that caravans adhering to this new "standard" could not really be used (eg. it may couple, but you cannot drive) on other manufacturers’ cars? No way! I would change to Firefox (or maybe Mozilla or a derivative), if I could, but alas, it seems that a number of my must-use websites (including my bank) use Microsoft-only extensions and therefore leaves me with no real alternative. My biggest gripe with Microsoft (apart from my feeling that they are too greedy) is in fact their tendency to one-up any standard with proprietary extensions, which makes it almost impossible to make compatible products and thus leaves us without real alternatives. In more and more countries, the governments demand for the government websites to be accessible for disabled people -- I would like the governments to own up to people that cannot or will not use Microsoft products by demanding that (at least) all government websites were accessible to browsers adhering to the official standards.]]>Anonymous User Wed, 24 Nov 2004 13:16:10 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorWed, 24 Nov 2004 09:38:15 GMT
The Question is important, but is still difficult to understand the differences between the various User groups]]>Anonymous User Wed, 24 Nov 2004 09:38:15 GMThttp://www.sqlmag.com/article/file-systems/should-you-use-the-authenticated-users-group-#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorWed, 24 Nov 2004 05:26:10 GMT
"the interaction of the thinngy with the doodad" is much better in firefox, cos it rulers your face]]>Anonymous User Wed, 24 Nov 2004 05:26:10 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorTue, 23 Nov 2004 23:01:40 GMT
Agreed company have dominace over the market can change standard, yet the company changing standards should 1) announce the difference between the changes; and 2)make sure the new standards is compatable with the old one, or they should announce a NEW standard so it won’t confuse people. Now the same file format(html)/scripting language(javascript) have two or more "standards" makes we web developers’ life harder. To me, having more than one standard over the same thing at a time is only slightly better than "no standard".]]>Anonymous User Tue, 23 Nov 2004 23:01:40 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorTue, 23 Nov 2004 18:25:31 GMT
Unless the FireFox team puts up a complete browser (not a suite, just a browser) they will be still-born in the corporate world. Right now, FireFox is like computer camp, techies only need apply. The rest of will happily use Mozilla 1.X or its successors.]]>Anonymous User Tue, 23 Nov 2004 18:25:31 GMThttp://www.sqlmag.com/article/security/firefox-discussion#commentsAnchorhttp://www.sqlmag.com/article/security/maxthon-2-1-released#commentsAnchorMon, 22 Nov 2004 05:22:38 GMT
firefox + winamp = heaven, i wons youuuuuuuu]]>Anonymous User Mon, 22 Nov 2004 05:22:38 GMThttp://www.sqlmag.com/article/security/maxthon-2-1-released#commentsAnchorhttp://www.sqlmag.com/article/security/ie-explorer-is-the-weakest-link#commentsAnchorThu, 18 Nov 2004 09:05:33 GMT
fiiiiiiiiireeeeeeeeefoooooooooooox roolers almost as much as linnnuxx and cuteftp!]]>Anonymous User Thu, 18 Nov 2004 09:05:33 GMThttp://www.sqlmag.com/article/security/ie-explorer-is-the-weakest-link#commentsAnchorhttp://www.sqlmag.com/article/security/ie-explorer-is-the-weakest-link#commentsAnchorWed, 17 Nov 2004 18:16:40 GMT
In a word: Firefox 1.0 http://www.mozilla.org]]>Anonymous User Wed, 17 Nov 2004 18:16:40 GMThttp://www.sqlmag.com/article/security/ie-explorer-is-the-weakest-link#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorWed, 17 Nov 2004 14:03:11 GMT
Wonderful! Solved my problems right away, once I figured out the somewhat cryptic command text (hard to tell where spaces go, references to words not used anywhere else, etc.) included in the description (if you could fix this, this page would be perfect).]]>Anonymous User Wed, 17 Nov 2004 14:03:11 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorWed, 17 Nov 2004 08:47:59 GMT
But if they patched all the holes then it might be more difficult to steal the elction!]]>TOMWed, 17 Nov 2004 08:47:59 GMThttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorhttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorTue, 16 Nov 2004 14:04:05 GMT
Good grief...ANY electronic voting device should be pentested by true experts, regardless of platform. That consultant shouldn’t have been paid. What’s the Latin phrase..."Who guards the guards"?]]>Anonymous User Tue, 16 Nov 2004 14:04:05 GMThttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorhttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorSun, 14 Nov 2004 09:37:54 GMT
Wanna see how easy it is to Hack Diebold’s software? Detailed security test results at www.chuckherrin.com/hackthevote.htm ]]>Anonymous User Sun, 14 Nov 2004 09:37:54 GMThttp://www.sqlmag.com/article/security/windows-os-on-voting-machines-not-pen-tested#commentsAnchorhttp://www.sqlmag.com/article/registry2/the-time_wait-state-s-effect-on-iis-performance#commentsAnchorThu, 11 Nov 2004 06:50:04 GMT
I have an issue where I need to connect through port 27001 and I am getting a TIME_WAIT when running NETSTAT -a on the client pc. We are unable to get the software to read the license files on the server and am wondering when it states TIME_WAIT is is blocking that port in anyway?? I get the feeling it means there is a connection but in reality there hasnt been one? Any info is greatly appreciated.]]>Anonymous User Thu, 11 Nov 2004 06:50:04 GMThttp://www.sqlmag.com/article/registry2/the-time_wait-state-s-effect-on-iis-performance#commentsAnchorhttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorSat, 06 Nov 2004 18:13:21 GMT
great article, this is just what I was searching for for managing my clients sites on my local disk]]>Anonymous User Sat, 06 Nov 2004 18:13:21 GMThttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorhttp://www.sqlmag.com/article/registry2/the-time_wait-state-s-effect-on-iis-performance#commentsAnchorFri, 29 Oct 2004 12:07:35 GMT
That socket (TCP Connection Endpoint) cannot be re-established until TIME_WAIT ends -- which means that connections can still be made to that port. They just can’t be made from the same remote IP and remote port addresses that are currently in TIME_WAIT. That port will be able to accept other connections from other addresses/ports. ]]>Anonymous User Fri, 29 Oct 2004 12:07:35 GMThttp://www.sqlmag.com/article/registry2/the-time_wait-state-s-effect-on-iis-performance#commentsAnchorhttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorThu, 28 Oct 2004 15:23:09 GMT
RE: Eric Peterson That is done via DNS and virtual servers.]]>Anonymous User Thu, 28 Oct 2004 15:23:09 GMThttp://www.sqlmag.com/article/virtualization/iis-101-using-virtual-directories-15605#commentsAnchorhttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorThu, 28 Oct 2004 05:17:29 GMT
Great! Thanks!]]>Anonymous User Thu, 28 Oct 2004 05:17:29 GMThttp://www.sqlmag.com/article/domains2/iis-informant-passwords-for-iusr-and-iwam#commentsAnchorhttp://www.sqlmag.com/article/scripting/scheduling-iis-restarts#commentsAnchorThu, 21 Oct 2004 14:45:42 GMT
Thanks]]>Anonymous User Thu, 21 Oct 2004 14:45:42 GMThttp://www.sqlmag.com/article/scripting/scheduling-iis-restarts#commentsAnchorhttp://www.sqlmag.com/article/security/this-is-how-it-goes-sometimes#commentsAnchorWed, 13 Oct 2004 15:20:03 GMT
I used to work as an IT Auditor and my clients did struggle with this very issue. IT Asset management is often thought of as a small and relatively unimportant task, but in truth, it is very important, not just to the accountants, but for security reasons as your comments pointed out. Usually I would start by asking for records of computer systems owned by the company. Smaller companies would often have just a spreadsheet, but if its up to date, that’s good enough. Larger companies might have an application dedicated to the task. For medium to large companies without software support for the task, you usually get incomplete records that only include systems expensive and new enough to be depreciating. To answer your question, I think the first step in preventing “fluidity” of servers is to keep detailed and accurate records of all IT assets, including not just the brand an serial number, but the physical location and person responsible for the asset as well. If you don’t have it, start walking the halls with label maker, tagging and recording them as you find them.]]>AdamWed, 13 Oct 2004 15:20:03 GMThttp://www.sqlmag.com/article/security/this-is-how-it-goes-sometimes#commentsAnchorhttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorFri, 17 Sep 2004 16:15:03 GMT
Security is in the best interest of both developers and sysadmins. It’s also a common coding strategy among developers to connect to SQL Server with ’sa’ but as we have seen with worms like Slammer, etc. it is a bad practice.]]>XXFri, 17 Sep 2004 16:15:03 GMThttp://www.sqlmag.com/article/systems-administrator/benefits-and-pitfalls-of-disabling-parent-paths#commentsAnchorhttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorThu, 26 Aug 2004 07:16:30 GMT
When I try step 4, I get Out of process applications defined: Count: 1 {3D14228D-FBE1-11d0-995D-00C04FD919C1} Error: 1AD: ActiveX compenet can’t create object I must have another underlying problem. Things I’ve noticed are that asp doesn’t work and when i try to go into "Administrative Tools" then "Component Services" then "Computers" the app dies and disappears without an error.]]>srollinsThu, 26 Aug 2004 07:16:30 GMThttp://www.sqlmag.com/article/com-and-com/iis-informant-troubleshooting-a-dcom-error-in-iis-5-0#commentsAnchorhttp://www.sqlmag.com/article/metabase/iis-informant-creating-web-folders-in-windows-xp#commentsAnchorMon, 16 Aug 2004 08:10:16 GMT
Hello, I am using webdav on IIS 5.0. This is a nice package, but I have two questions for you about the file system. 1. when I put a folder with subfolder’s on the site, full access to this virtual subdir, I have to re-authenticate each time the system creates a new folder initially. Once the folders are created, doing an overwrite of those same folders, won’t request authentication. I am running basic authentication - straight http, for troubleshooting. It also, takes the credentials 3 times on each creation, yes I am typing the password rigt the first 2 times each time. 2. I want to batch copy files from a machine to these webdav folders, is there anyway of doing a dos drive map, or some such thing, so I can run a batch file copy to that location? Any ideas? Thanks JB ]]>Mon, 16 Aug 2004 08:10:16 GMThttp://www.sqlmag.com/article/metabase/iis-informant-creating-web-folders-in-windows-xp#commentsAnchorhttp://www.sqlmag.com/article/internet/iis-informant-ensuring-that-all-your-web-sites-return-detailed-asp-error-messages#commentsAnchorWed, 11 Aug 2004 09:37:55 GMT
very helpful.]]>bperry909 Wed, 11 Aug 2004 09:37:55 GMThttp://www.sqlmag.com/article/internet/iis-informant-ensuring-that-all-your-web-sites-return-detailed-asp-error-messages#commentsAnchor