From: Ryan Permeh (ryaneEye.com)
Date: Tue May 22 2001 - 18:03:05 CDT

    This is Windows File Protection. You cannot overcome it. Just make the
    permissions not accessible to IUSR and IWAM.
    Signed,
    Ryan Permeh
    eEye Digital Security Team
    http://www.eEye.com/Retina -Network Security Scanner
    http://www.eEye.com/Iris -Network Traffic Analyzer

    ----- Original Message -----
    From: "Brian Murphy" <bem9127yahoo.com>
    To: <focus-mssecurityfocus.com>
    Sent: Tuesday, May 22, 2001 1:27 PM
    Subject: IIS 5.0

    > I have been working on getting our IIS 5.0 server
    > ready for production. I have read and implemented all
    > of the suggestions made from Microsoft Security and
    > Securityfocus.com whitepapers for securing IIS 5.0 and
    > Windows 2000 Advanced Server. The system will be
    > located in a Hard DMZ (Behind a PIX Firewall) and
    > running IPSec.
    >
    > I have installed all the latest patches and hotfixes
    > to the system. I have verified the system with HFCheck
    > for IIS 5.0 and tested the system with "Patchwork".
    >
    > I have made all the recommended changes to NTFS
    > permissions and removed everything from the IIS 5.0
    > directories and relocated the wwwroot and ftproot
    > directories.
    >
    > HOWEVER, I am having a strange problem implementing a
    > suggested solution to remove certain *.EXE files from
    > the system (Edlin.exe, xcopy.exe, etc.).
    > Every time I move these files to a secure location they
    > reappear in the directory (C:\winnt,
    > C:\winnt\system32, etc.). I have tried
    > performing a SHIFT+DELETE on the files and they still
    > return. I know there is something simple to resolve
    > this issue but I have not found it yet. So, can
    > someone make a suggestion?
    >
    > Also, if you have any additional recommendations that
    > I might have missed please comment.
    >
    > Thanks for your time.
    >
    > Brian Murphy, MCSE
    > Data Center Manager
    > Carter Bloodcare