
Internet Information Server 4.0

IIS4.0 is part of the Windows NT Option Pack.

Hardware Requirements

486/50 with 16MB RAM and 50 MB disk space required.

P90 with 32-64MB RAM and 200MB disk space recommended.

Software Requirements

NT Server 4.0 with Service Pack 3 and IE4.01 running TCP/IP.

NT Workstation and Win9x can run Personal Web Server, which is a scaled-down version of IIS.

The core components of the Option Pack are:

Microsoft Certificate Server 1.0 – issues digital certificates for security.

Microsoft Index Server 2.0 – indexes websites so clients can perform a search via a query.

Microsoft Internet Information Server 4.0 (IIS) – Web Server.

Microsoft Management Console 1.0 (MMC) – The interface used to manage IIS. This is the future of Windows NT. The console provides a shell into which applications plug a snap-in. All Back Office products will have a snap-in for the MMC.

Microsoft Site Server Express 2.0 (SSE)

Content Analyzer – Site mapping, link management and verification, and content analysis.

Usage Image and report writer – Analyze log files.

Posting Acceptor – Allows users to post content via HTTP.

Microsoft Transaction Server 2.0 (MTS) – used for developing scalable server applications.

WWW Service - IIS4.0 supports HTTP1.1, which is the newest standard. It is faster, more secure, and provides virtual-hosting abilities. The WWW Service publishes HTML pages to be viewed graphically in a browser. IIS4.0 allows you to have unlimited virtual websites.

FTP Service – File Transfer Protocol. Used primarily for file copies. IIS4.0 allows you to have unlimited virtual FTP sites. Each virtual FTP site requires its own unique IP address. FTP does not support the use of host headers for virtual servers.

NNTP Service – Network News Transfer Protocol. Hosts electronic discussion groups. Can be secured using Secure Sockets Layer (SSL).

SMTP Service – Simple Mail Transfer Protocol. IIS4.0 can act as an SMTP client, allowing web-based applications to send and receive messages. SMTP service requires the use of the NTFS file system.

Gopher is no longer supported in IIS4.0.

IIS and Active Server Pages – Server-side scripting for IIS with support for VBScript and JScript. Programmers can write programs that the client will run using HTML in a browser. The programs are triggered and run on the server.

Three ways to administer IIS.

Internet Service Manager snap-in for the MMC – The graphical interface to the IIS settings.

Internet Service Manager (HTML) – Allows for remote configuration. SMTP and NNTP cannot be administered through the web-based option.

Scripting – Allows for automated administration. ActiveX scripting allows scripts using VBScript or JScript. DOS command scripts are also supported.

Windows Scripting Host (WSH) – Allows you to execute scripts on the Windows desktop or command console without embedding the scripts in an HTML document.

Metabase.

The Metabase replaces the registry in IIS 4.0. The metabase loads in memory and stores all of the configuration data. Some of the registry keys remain for backward compatibility, but most information is in the metabase. The file is metabase.bin in the Inetsrv directory, which is where IIS is installed.

Hosting multiple domains on one server.

  1. Use unique IP addresses for each domain
  2. Use one IP and unique host headers for each domain
  3. Use one IP and assign different ports to each domain.
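
The three methods above, and the FTP Service note that FTP cannot use host headers, can be seen in a small model of how a request is matched to a site. This is an added example, not Microsoft's code: the site names, addresses and the rule that an unmatched host header falls back to a binding with no host header are assumptions of this simplified model.

```python
# Each binding is (ip, port, host_header); "" means no host header is set.
SITES = {  # constructed sample sites; names and addresses are hypothetical
    "sales":   [("192.0.2.10", 80, "")],                     # method 1: own IP
    "support": [("192.0.2.20", 80, "support.example.com")],  # method 2: shared IP,
    "docs":    [("192.0.2.20", 80, "docs.example.com")],     #   unique host header
    "beta":    [("192.0.2.20", 8080, "")],                   # method 3: own port
}

def conflicts(sites):
    """Return (binding, first_site, second_site) for every binding claimed twice."""
    seen, dup = {}, []
    for name, bindings in sites.items():
        for ip, port, host in bindings:
            key = (ip, port, host.lower())  # host names are case-insensitive
            if key in seen:
                dup.append((key, seen[key], name))
            seen[key] = name
    return dup

def resolve(sites, ip, port, host_header=None):
    """Pick the site for a connection. HTTP/1.1 clients send host_header;
    FTP has no such header, so FTP lookups pass None."""
    host = (host_header or "").split(":")[0].lower()  # drop any ":port" suffix
    fallback = None
    for name, bindings in sites.items():
        for b_ip, b_port, b_host in bindings:
            if (b_ip, b_port) != (ip, port):
                continue
            if b_host and b_host.lower() == host:
                return name          # exact host header match wins
            if not b_host:
                fallback = name      # binding without a host header
    return fallback                  # None: nothing can tell the sites apart

if __name__ == "__main__":
    print(resolve(SITES, "192.0.2.20", 80, "docs.example.com"))
    print(resolve(SITES, "192.0.2.20", 80))  # no Host header, as with FTP
    print(conflicts(SITES))
```

With only an IP address and port to go on, the two sites sharing 192.0.2.20:80 cannot be distinguished, which is why each virtual FTP site needs its own IP address.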

Virtual directories – A web site can point at any directory on any physical hard drive on the IIS computer or on another computer in the same domain. It will appear to the surfer that that directory is the www root.

Properties

The top-level property sheet is the master properties. This is created during install and will be inherited by all sites created. If you change the master properties, all future sites will be affected, but existing sites will not.

You can change the properties for a site after creating it.

Web Site Properties - What properties can be set from each of the tabs in the MMC.

Web Site Tab

Web site ID

  • Description – the name you wish to reference the website by.
  • IP Address – Put in the IP address of your website. Use the advanced tab to change ports or use host headers.
  • TCP Port – defaults to 80 but can be changed
  • SSL Port – determines port used by the secure sockets layer.

Connections

  • Unlimited – allows an unlimited number of simultaneous connections
  • Limited to – Put in the number of simultaneous connections you want to limit to.
  • Connection Timeout – Set the length of time in seconds before disconnecting an inactive user.

Logging

  • W3C Extended Log File Format
  • NCSA Common Log File Format
  • ODBC Logging – Logs to a SQL database and is very resource intensive.

Operators Tab

  • Designate users to be able to administer specific websites by username or group.

Performance Tab

  • Bandwidth throttling – Limit bandwidth used by a website.
  • HTTP keep-alives – allow clients to maintain an open server connection instead of reconnecting. Enabled by default.

ISAPI Filters Tab

  • Used to run remote applications.

Home Directory Tab

  • Access permissions – choose read or write. Write allows upload capabilities for browsers supporting the PUT command.

Content Control:

  • Log access records visits to the directory in a log file.
  • Directory Browsing Allowed shows an automatically created listing of the files and subdirectories.
  • Index this directory tells Index Server to include the directory in a full text index.
  • Front Page Web will create a Microsoft Front Page web for the directory.

Application Settings

  • Run in separate memory space runs the application in a separate memory process from the web server.
  • Permissions - None doesn’t allow programs or scripts to be run. Script enables a script engine to run without having execute permissions set. Execute allows scripts, .dll’s and .exe’s to be run.

Configuration

  • Application Mappings – map file name extensions to the applications that process the files.
  • Active Server Pages – set options that control how ASP scripts run.
  • ASP debugging – set debugging options for ASP scripts
  • Other – use this property sheet to set or change CGI Script timeout.

Documents Tab

  • Enable default document – tells which page to show if a specific page is not requested.
  • Enable document footer – automatically insert a footer. Used to add a logo or identifying text to your pages.

Directory Security Tab

Anonymous Access and Authentication Control

  • Allow Anonymous Access – users will all log on using an anonymous or guest account. Edit will allow you to specify an account.
  • Basic Authentication – The user will be authenticated and the password will be sent in clear text. Users will only be authenticated if Allow Anonymous is unchecked or NTFS access control is restricted.
  • Windows NT Challenge Response - Users will only be authenticated if Allow Anonymous is unchecked or NTFS access control is restricted. Non-Microsoft browsers that do not support Challenge Response will get access denied.

Secure Communications

  • Uses Key manager to create a certificate request.

IP Address and Domain Name

  • Granted access will grant access to all computers except the ones you specify
  • Deny Access will deny all computers access except the ones you specify.

HTTP Headers Tab

  • Enable Content Expiration – The browser compares the date against the expiration date and decides whether to use a cached page or request a new page.
  • Custom HTTP Headers send a custom HTTP header to the client browser.
  • Content Rating adds http headers to rate content. This can help browsers filter out objectionable content.
  • MIME Map configures Multipurpose Internet Mail Extensions. Set the file types that the web server returns to the browser.

Custom Errors Tab

  • Messages returned to browser in case of an http error. Customize page not found and other errors.

FTP Service

  • FTP is basically used to transfer files from one computer to another using TCP/IP. FTP actually uses TCP, which is a connection-based protocol. TCP is known for its reliability and error checking abilities.

Virtual Servers

  • Virtual Servers give you the ability to host multiple FTP sites on one server. Unlike HTTP, you cannot use host headers for the sites. You will need a registered IP for each of the FTP sites.
  • Virtual Directories will appear to the user as the ftproot but can actually be on any computer in the domain.

Property Pages

FTP Site Main Page:

  • Description - Enter the Name you want for your site.
  • IP Address - The IP address of your site
  • TCP Port - The port you want the service to run on. The default is 21.
  • Connections:
  • Unlimited - Will not limit the amount of simultaneous connections
  • Limited to - Choose a number of simultaneous connections
  • Connection timeout - Disconnect an inactive user after this many seconds.
  • Enable Logging - Choose the format you want for your log files.
  • Current Sessions - See who is currently connected.

 

Security Accounts Page:

  • Allow Anonymous Connections - If checked, users can log in as anonymous and you can choose the local username that will be used to grant them access.  IIS creates an account called IUSR_systemname to use for anonymous connections or you can use any account that you choose.
  • Check allow only anonymous connections if you don't want anyone logging in with usernames and passwords.
  • Check enable automatic password synchronization to have NT keep the account being used for anonymous access synched up with password changes on NT.
  • FTP Site Operators - Add any accounts you want to be able to administer the FTP site.

Messages Page:

  • Add messages to be displayed to users on the following events:  Welcome, Exit and Maximum connections exceeded.

Home Directory Page:

  • Choose your FTP root to be a local directory or a Network Share.
  • Select Access:
  • Read - This will allow web clients to download files.
  • Write - Allow HTTP1.1 enabled browsers to upload files.
  • Log Access - Keep a log file of all visitors.
  • Directory Listing Style: Unix or MS-DOS

Directory Security Page:

  • Allow or deny specific IP addresses or groups of IPs.  You will need to be familiar with Subnet ranges to limit a group of IP addresses.
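
The Granted Access / Deny Access choice on the web site's Directory Security tab and the subnet ranges mentioned for the FTP Directory Security page work the same way: a default decision plus a list of exceptions. The added example below (not code from IIS or from this page) evaluates such a policy; the function names and the sample addresses, taken from documentation ranges, are constructed for illustration.

```python
import ipaddress

def group(network_id, subnet_mask="255.255.255.255"):
    """One exception entry: a single computer (default mask) or a group of
    computers given as network ID plus subnet mask."""
    # strict=False masks off host bits, so 192.0.2.77 / 255.255.255.192
    # is stored as the 192.0.2.64 block instead of raising an error.
    return ipaddress.ip_network(f"{network_id}/{subnet_mask}", strict=False)

def is_allowed(client_ip, default_granted, exceptions):
    """default_granted=True:  everyone is granted except the listed entries.
    default_granted=False: everyone is denied except the listed entries."""
    client = ipaddress.ip_address(client_ip)
    listed = any(client in net for net in exceptions)
    return default_granted != listed  # being listed flips the default

def widest(exceptions):
    """Return (network, address_count) of the broadest entry, for review:
    a mask that is one octet too short exposes far more hosts than intended."""
    net = max(exceptions, key=lambda n: n.num_addresses)
    return str(net), net.num_addresses

# Constructed sample policies (not from the page).
ADMIN_ONLY = [group("192.0.2.64", "255.255.255.192"),  # 64-address admin subnet
              group("198.51.100.10")]                   # one management host
BLOCKLIST = [group("203.0.113.0", "255.255.255.0")]    # one blocked /24

if __name__ == "__main__":
    for ip in ("192.0.2.70", "192.0.2.130", "198.51.100.10", "203.0.113.9"):
        print(ip,
              "| denied by default:", is_allowed(ip, False, ADMIN_ONLY),
              "| granted by default:", is_allowed(ip, True, BLOCKLIST))
    print("widest exception:", widest(ADMIN_ONLY))
```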

SMTP Service

The SMTP service is not a full SMTP server.  It uses four directories:

  • Badmail - Stores undeliverables that can't be returned to sender
  • Drop - Receives all incoming messages.
  • Pickup - Picks up mail messages that are left here for delivery.  The mail is usually created as a text file.
  • Queue - Holds messages that can't be delivered at the current time.

SMTP service supports a masquerade domain, which allows you to replace any local domain name used in any From lines in the header with a different domain name.

By default, SMTP service does not allow relay to external mail addresses.

©2000 www.CERTguide.com