Vulnerability Development mailing list archives
Re: IIS anonymous user - who?
From: DamianoAB () I-MEF USMC MIL (Damiano Cpl Anthony B)
Date: Thu, 20 Jul 2000 13:06:43 -0700
That account that is created is for the server to use when WWW users who connect via Anonymous Access as their authentication method. Its a member of the Guests local group and shouldn't be anywhere else. If you have your server to only allow authenticated users to connect to it, you don't need it, removing it without replacing it with the Everyone group will cause any users outside your domain not to be able to view your server. Hope this helps. Cpl Anthony B. Damiano Network Security Officer 9th Communication Battalion -----Original Message----- From: Bill Pennington [mailto:billp () ROCKETCASH COM] Sent: Tuesday, July 18, 2000 9:37 AM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: IIS anonymous user - who? If I remember correctly the Everyone group under NT is exactly that, everyone. Authenticated users, unauthenticated users, my mother, my grandmother etc. Now I am a little fuzzy about the IUSR_compname account is used so I won't attempt to tell you what it does. Just remember everyone is everyone. Chris Erasmus wrote:
Recently we noticed something interessting about MS IIS 4.0, here is the scenario: Windows NT 4.0, SP 4. Default installation NT Option Pack. One way of not allowing anonymous access to a website is via the Internet Service Manager, but we were toying with another idea. What will happen if you delete the IUSR_Computername account completely? Surely anonymous access to the default website will be disallowed. No. To our surprise it wasn't. The account used for anonymous access was confirmed to be the IUSR_Compname. The service is running as System. Anonymous access was only denied after removing the Everyone group from the default.asp page's permission list. Administrator and System still had access to the page. Does anyone know why this happens or where we are making a mistake. Who's accessing the page? Thanks Chris Erasmus www.sensepost.com
-- Bill Pennington Senior IT Manager Rocketcash billp () rocketcash com http://www.rocketcash.com
Current thread:
- Re: IIS anonymous user - who? Todd Ransom (Jul 18)
- <Possible follow-ups>
- Re: IIS anonymous user - who? Andrejus Stavickis (Jul 19)
- Re: IIS anonymous user - who? Maxime Rousseau (Jul 19)
- Re: IIS anonymous user - who? Damiano Cpl Anthony B (Jul 20)