Re: Trend C/S/M SMB on SBS2003


From: Peter Scott (me_at_privacy.net.au)
Date: 04/14/04


Date: Thu, 15 Apr 2004 00:20:47 +1000

Fixed - problem caused by UrlScan.ini (preventing CGI script from running)

As my SBS2003 was an upgrade from SBS2000, I had previously run IISLockdown
Tool and installed UrlScan 2.5.

My UrlScan file had the following settings:

UseAllowExtensions=0 ; if 1, use [AllowExtensions] section, else use [DenyExtensions] section

[DenyExtensions]
; Deny executables that could run on the server
.exe
.bat
.cmd
.com

Since Trend Micro uses .exe to execute CGI, the UrlScan was preventing the
executable from loading the CGI script.

I made the following changes to UrlScan.ini (located in:
C:\WINNT\System32\inetsrv\urlscan\) - which places a ";" in front of the
extension '.exe' to allow it to be executed.

[DenyExtensions]
;.exe

For the changes to take effect, IIS needed to be restarted. From a command
prompt, I typed:

NET STOP IISADMIN (I was prompted to confirm the stopping of services) - be
sure to note which services are stopped as you will need to restart them

then restart IIS Web Services
NET START W3SVC (and net start other services that were stopped like SMTP
service and so on..)

I then proceeded to connect to my OfficeScan URL - which was successful.

My Comments
I don't like the idea of allowing the extension ".exe" to run on my web
server as no other sites require this. I did try Configure URLScan to Allow
Requests with a Null Extension in IIS as per article 312376 - but was not
successful.

I don't understand why Trend Micro still rely on this method (after several
OfficeScan versions) rather than using an ISAPI filter which would be more
secure. As I have been a user of Trend Micro InterScan Messaging Security
Suite on SBS2003 - which configs IIS6 with an ISAPI filter called
CCGIRedirect 'isapi_redirect.dll' for CGI scripting to be executed for the
virtual site or virtual folder.

I guess this would not be a problem on a new install of SBS2003 as it would
not have URLSCAN by default as IIS uses alternative methods to allow
extensions to run.

I hope other users will benefit from this as I found no help on Trend's web
site or the SBS newsgroup.

If any other users have advice on how the UrlScan should be configured on
SBS2003 - please let me know - because I'm feeling pretty worried about
allowing the ".exe" extension to be available on my web server (which
currently hosts external web sites).

Peter

"Peter Scott" <me@privacy.net.au> wrote in message
news:eHOBIMhIEHA.3356@TK2MSFTNGP11.phx.gbl...
> I have installed Trend Micro C/S/M SMB on SBS2003 but can not connect
> to the console - receive page not found error 404
>
> 1. I used port 8085 - which was not used by any other service (by
> doing netstat -an)
> 2. Web service extension lockdown is authorising service
> 3. Correct path exists
>
> Here are the steps I used with Installing Trend Micro
> Client/Server/Messaging SMB
>
> 1. (I use the Administrator account.)
> 2. Run setup
> 3. Enter the FQDN server.domain.local OR the IP of the SBS. I used
> internal IP
> 4. Install into IIS Virtual Web Site (NOT the default web site).
> 5. Used port 8085 for communication.
> 6. Deselected SSL.
> 7. Used Administrator account - using ISA so I entered proxy info and
> port
> 8. Entered activation code
> 9. Accept the server/client port.
> 10. Accept the client installation for the SBS (installs the
> Officescan client on the server)
> 11. The install proceeds, then open the admin console - then fails to
> open
>
> I checked web service extensions - which are allowing the files in the
> correct folder.
> I checked the permissions on the OfficeScan directory - no problems
> with access
> Internet Explorer is set to bypass local domain and addresses to
> bypass proxy
> The services are started.
>
> Arrhhh!!! - I'm off to advanced hair for extreme hair replacement
> therapy!
>
>
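
Added example (not part of the original post, and not Trend Micro or Microsoft code): a small Python audit that parses a UrlScan.ini and lists which of the four executable extensions from the post's [DenyExtensions] section are no longer rejected. The sample file is constructed from the settings quoted in the post, with an [options] header assumed, and only the extension rule is modelled.

```python
# Added example: models only UrlScan's extension allow/deny decision.
RISKY = (".exe", ".bat", ".cmd", ".com")  # the four entries in the post's [DenyExtensions]

# Constructed sample: the post's settings after its change (";" in front of .exe).
SAMPLE_INI = """\
[options]
UseAllowExtensions=0 ; if 1, use [AllowExtensions] section, else use [DenyExtensions] section

[DenyExtensions]
; Deny executables that could run on the server
;.exe
.bat
.cmd
.com
"""


def parse_urlscan(text):
    """Return (use_allow_list, {section_name: set_of_extensions})."""
    use_allow, sections, current = False, {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # ";" starts a comment, so ";.exe" is ignored
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, set())
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "useallowextensions":
                use_allow = value == "1"
        elif current is not None:
            sections[current].add(line.lower())
    return use_allow, sections


def is_blocked(ext, use_allow, sections):
    """True if a request for this extension is rejected by the extension rule."""
    ext = ext.lower()
    if use_allow:
        return ext not in sections.get("allowextensions", set())
    return ext in sections.get("denyextensions", set())


def unblocked_executables(text):
    """Executable extensions the configuration lets through to IIS."""
    use_allow, sections = parse_urlscan(text)
    return [ext for ext in RISKY if not is_blocked(ext, use_allow, sections)]


if __name__ == "__main__":
    print("not blocked:", unblocked_executables(SAMPLE_INI))
```

Run against a copy of the live UrlScan.ini after any edit; an unexpected entry in the result means an executable extension is reaching IIS that the lockdown used to stop.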


