Re: Challenge/Response and IIS Security

Thu, 13 May 2004 10:32:47 -0700

Ahe, under "default web site" right under "web site", the options show as you described, the setting on my box is same as what you said, now, question, if my client's box has some entry/TEXT for the "Host Header Name", in other words, not blank, then, it would require NT logon?
It does not seem this way, I just tried.  Our comm. not "sync" yet?

> Rick,
>
> I don't have access to the DNS info about the client's box, so, don't
> know how it looks like, where should I advise him to look for this?
>
> Secondly, I looked at the property for "web site" on my own box with
> IIS 5.x, the HTTP Header, I see the Customer HTTP Header section is
> blank,  clicking Add an entry, prompt with header name and value pair,
>
> are you saying? give the header name any test name and enter IP:port
> for the value entry?  the header name field can't be blank, or are we
> talking about something slightly different?
>
> "Click on Add Select the IP enter the Port but leave
> the Host Header Blank."   I'm not with you here.
>
> Also, your point is?  if HTTP header is messed up / not set up
> properly in IIS, then NT logon would be prompted when accessing a
> page?
>
> Thanks.
>
> Don
>
> >In DNS if you have a Wild Card A record meaning any URL 3rd Level
> Domain
> >Name will be directed to this IP
> >
> >*     A    99.99.99.99
> >@   A   99.99.99.99
> >
> >IN IIS Go to the "Web Site" tab of the Web Site and click Advanced.
> This
> >shows the Host Headers. Click on Add Select the IP enter the Port but
> leave
> >the Host Header Blank.
> >
> >Now when someone goes to http://WHATEVER.yourdomain.com
> ><http://whatever.yourdomain.com/>  they go to that site.
> >
> >I most cases the Default Website on the server will have the "ALL
> >Unassigned" Host header so if you do not have a Blank Host header
> then the
> >request will be directed to the default site. That site is usually
> the IIS
> >Administration site and is Locked down.
> >
> >Rick
> >
> >
> >-----Original Message-----
> >From: Chunshen Li [mailto:[EMAIL PROTECTED]
> >Sent: Thursday, May 13, 2004 8:46 AM
> >To: CF-Talk
> >Subject: Re: Challenge/Response and IIS Security
> >
> >Sorry, could you elaborate a bit?
> >
> >new
> >NT
> >>logon is prompted when accessing a site.
> >>
> >>Is there/ are there any further scenarios that cause the same NT
> access
> >>problem?  Security gurus, you'll make my days.
> >>
> >>TIA.
> >>  _____
> >  
_____
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]

Reply via email to