Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Ryan Permeh (ryaneEye.com)
Date: Tue May 22 2001 - 18:03:05 CDT
this is windows file protection. you cannot overcome it. just make the
permissions not accessible to IUSR and IWAM
eEye Digital Security Team
http://www.eEye.com/Retina -Network Security Scanner
http://www.eEye.com/Iris -Network Traffic Analyzer
----- Original Message -----
From: "Brian Murphy" <bem9127yahoo.com>
Sent: Tuesday, May 22, 2001 1:27 PM
Subject: IIS 5.0
> I have been working on getting our IIS 5.0 server
> ready for production. I have read and implemented all
> of the suggestions made from Microsoft Security and
> Securityfocus.com whitepapers for securing IIS 5.0 and
> Windows 2000 Advanced Server. The system will be
> located in a Hard DMZ (Behind a PIX Firewall) and
> running IPSec.
> I have installed all the latest patches and hotfixes
> to the system. I have verfied the system with HFCheck
> for IIS 5.0. And tested the system with "Patchwork".
> I have made all the recommended changes to NTFS
> permissions and removed everything from the IIS 5.0
> directories and relocated the wwwroot and ftproot
> HOWEVER, I am having a strange problem implementing a
> suggested solution to remove certain *.EXE Files from
> the system (Edlin.exe, xcopy.exe. etc..........).
> Everytime I move these files to a secure location they
> reappear in the directory (C:\winnt,
> C:\winnt\system32, etc.......). I have tried
> performing a SHIFT+DELETE on the files and they still
> return. I know there is something simple to resolve
> this issue but I have not found it yet. So, can
> someone make a suggestion?
> Also, if you have any additional recommendations that
> I might have missed please comment.
> Thanks for your time.
> Brian Murphy, MCSE
> Data Center Manager
> Carter Bloodcare
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices