Open the following file: %systemroot%\system32\inetsrv\urlscan\urlscan.ini. Scroll down in the file until you find the section containing the text "; Deny executables that could run on the server" and then place a semicolon in front of the EXE that appears below it. This comments out EXE so that URLScan will stop blocking files with that extension. Then restart IIS or reboot your server.
Jon Bonner -----Original Message----- From: CHM Security [mailto:[EMAIL PROTECTED]] Sent: Friday, March 08, 2002 5:56 PM To: [EMAIL PROTECTED] Subject: URLScan I am running Citrix nfuse on a IIS 5 server and attempted to install the urlscan.exe from M$. I have very limited knowledge on web servers and everytime I install the urlscan it kills the ability of clients to download the citrix web client (ica32t.exe) file. Like I said I have very limited knowledge of web servers and I'm not sure how I can edit the urlscan ruleset to allow this to happen. I would really like to run the urlscan tool to receive all of the benefits it provides, but as of right now I can't because it kills necessary functionality. Any help would be greatly appreciated!
