开发者

Configure Web Application Configuration Analyzer 2.0 for my ASP.NET App?

Ok, horrible headline, but the question is, has anyone used the new WACA? I run the sca开发者_如何学运维n and for most IIS related Rules I only get "Indeterminate".

For example:

In element enabled attribute is set to false -> Indeterminate

And that should be something that the tool can determine? No?

Cheers

Remy


IIS Common Files are required to scan for most of the web server checks. IIS Common Files are native in 2003/XP, but not 2008/Vista/Win7 so you need to install the IIS 6 Mgmt Console, Metabase, and Configuration Utility. Unfortunately this needs to be installed on both the scanning host and the remote server. Why they don't leverage the built-in IIS7 features instead of making you expand your attack surface I don't know.

See this page for instructions for installing IIS Common Files: http://technet.microsoft.com/en-us/library/aa998413%28EXCHG.80%29.aspx.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜