Educause Security Discussion mailing list archives
Web server default page
From: "Cheek, Leigh" <lcheek () UTK EDU>
Date: Fri, 10 Jul 2009 15:23:46 -0400
I am auditing a system with web access. When reviewing the website, I check the certificates and truncate website address to check whether installed software like Banner or Oracle have created default website. I usually like to see a redirect back to the main access page. When I truncated the subdirectories off the main web address, I have found instead a under construction default page from IIS (see below). ------------------------ Under Construction The site you are trying to view does not currently have a default page. It may be in the process of being upgraded and configured. Please try this site again later. If you still experience the problem, try contacting the Web site administrator. If you are the Web site administrator and feel you have received this message in error, please see "Enabling and Disabling Dynamic Content" in IIS Help. To access IIS Help Click Start, and then click Run. In the Open text box, type inetmgr. IIS Manager appears.
From the Help menu, click Help Topics.
Click Internet Information Services. ------------------------- Do you see any big vulnerabilities with the IIS default page? Thanks, Leigh Cheek, CIA, CISA Senior Auditor Audit and Consulting Services University of Tennessee 149 Conference Center Building Knoxville, TN 37996-4114 (865) 974-4420 fax (865) 974-6171 lcheek () utk edu
Current thread:
- Web server default page Cheek, Leigh (Jul 10)
- <Possible follow-ups>
- Re: Web server default page Valdis Kletnieks (Jul 10)
- Re: Web server default page Russell Fulton (Jul 14)