Re: Urgent: Problem setting up web site hosting on SBS03 with ISA

Thank you for the advice. I have been saying the same thing to the owner
about security, but he has no money for at least another six months, and he
will not wait until then to get the web site up and working. Hopefully
hosting our own web site on the SBS box will be a temporary solution.

I have only made one change to the default install, so nothing should be
messed up. I'll let you know how it goes.
--
-Christopher DeMars


"Claus" wrote:

First, the security concerns are real and it would worry me even more
running ASP stuff with a connection to the SQL that sits on the same box. I
would not do that kind of configuration without a signed acknowledgment by
the owner that he understood the security risks.

I also hope you didn't mess up the installation by trying to get it going.
All you have to do is to publish the site in ISA. Also, do yourself a favor
and at least create a new website in a new app pool and don't try to do this
within the default site.

--
Claus
"ChristopherDeMars" <ChristopherDeMars@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:B688E919-14AA-4AD5-9B8C-700F55C366DC@xxxxxxxxxxxxxxxx
I have had this very same discussion with the owner on several occasions.
Due
to financial reasons, another server will not be provided. I have been
thus
instructed to forgo the security risk and get the web site up and running.
The web site needs to be running locally (instead of hosted on the ISP's
servers) because a custom .ASP based web site has been developed for the
comapny that interacts with information in the local SQL Server.
--
-Christopher DeMars


"Steve" wrote:

Hosting a public web site on your SBS box is a major security risk-please
reconsider.

"ChristopherDeMars" <ChristopherDeMars@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:E9A78341-5855-4F3F-B7AE-293FBF1B160A@xxxxxxxxxxxxxxxx
Hello,

I have a bit of a problem. I am the tech for a new startup business
that
recently bought a Server from Dell with SBS 03 Premium. I would like to
set
this machine up to host the external web site as well as the doing the
normal
SBS server stuff (exchange, sharepoint, SQL, etc.)

I literally just turned this machine on two days ago and have
successfully
completed the setup for the preinstalled OS. I followed the directions
that
came from Microsoft for completing the setup.

I have two NIC cards in the server, one going to a T1 line from the ISP
and
the other one for the internal network. Everything is setup with the
out-of-the-box default settings. The Server does have internet access
(I
have
no clients machines yet) and everything seems to work. EXCEPT for
hosting
an
external web site:

When I attempt to view the company web site from my home computer (by
entering the static IP address assigned by our ISP) I get the error:
"Error
Code: 500 Internal Server Error. Internet Control Message Protocol
(ICMP)
network is unreachable. For more information about this event, see ISA
Server
Help. (10051)". For some reason I cannot find ISA Server Help on this.

After much searching I found a blog post where someone with a similiar
error
suggested changing the port for WPAD to 8080 instead of the port 80 it
defaults to so that there are no IP binding conflicts. I made this
change
and
still get the exact same error.

I'm suprised that the server does work right out of the box, but I
guess
most people host IIS and ISA on different machines (but what about all
those
SBS servers out there - do not any of them host their own web sites?)

Can someone tell me what I'm doing wrong? Why can't I see my comany web
site? If you need more infomation to answer my question I am willing
to
provide.
--
-Christopher DeMars






.

Relevant Pages

  • [NT] Vulnerability in Microsoft Agent Allows Code Execution (MS07-051)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... A remote code execution vulnerability exists in Microsoft Agent in the way ... Internet Explorer by setting the kill bit for the control in the registry. ...
    (Securiteam)
  • [NT] Microsoft JScript Remote Code Execution (MS06-023)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... There is a remote code execution vulnerability in JScript. ... Configure Internet Explorer to prompt before running Active Scripting ...
    (Securiteam)
  • [NT] Vulnerability in Microsoft Data Access Components Allows Code Execution (MS07-009)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... this vulnerability by preventing Active Scripting and ActiveX controls ... mode sets the security level for the Internet zone to High. ...
    (Securiteam)
  • [NT] Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (MS07-042)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... Vulnerability in Microsoft XML Core Services Could Allow Remote Code ... mode sets the security level for the Internet zone to High. ...
    (Securiteam)
  • RE: tsweb, RWW, OWA not working
    ... lan as well "HTTP/1.1 500 Internal Server Error". ... Check the properties of the Default Web Site in IIS. ... > that link to work over the internet you have to edit the HTML code. ... You can change this in the IIS Manager, ...
    (microsoft.public.windows.server.sbs)