Browse by Tags

Tagged Content List
  • Blog Post: Fingerprinting IIS

      You can analyze the responses sent from a webserver to determine the version of IIS running (And in turn the version of the Windows Server). I have seen a lot of people discuss this. So here is my guide ... The easiest way is to capture a network trace or Fiddler trace and analyze the Server header...
  • Blog Post: IIS 7 Tip # 11 You can restrict SSL to only the Control Channel on FTPS

    The File Transfer Protocol (FTP) has been around even before I was born :) It is a good protocol for transferring files across the network but has one major flaw. If you use authentication it sends the password in a Base64 encoded format over the wire. If someone intercepts this he/she can easily decode...
  • Blog Post: MachineKeys For IIS 7.0

    IIS uses MachineKeys for encryption. IIS 6.0 uses a particular key c2319c42033a5ca7f44e731bfd3fa2b5_GUID to do the encryption. If you have worked on IIS Admin start up issues the machine keys is one of the first things we check because if you do not have the proper machine key you cannot enumerate the...
Page 1 of 1 (3 items)