Pages

Thursday, December 13, 2018

How to Disable HTTP Method OPTIONS for the web applications in IIS 7.5 and above



ABOUT OPTIONS METHOD

OPTIONS is a diagnostic method which is mainly used for debugging purpose. This HTTP method basically reports which HTTP Methods that are allowed on the web server. In reality, this is rarely used for legitimate purposes, but it does grant a potential attacker a little bit of help and it can be considered a shortcut to find another hole.

How to fix it

OPTIONS method should be disabled.

Way to do it
Methods to disable OPTION method may vary depending upon the type, version of the web server.

Here i am describing IIS Version 7.5 and above.
  • Open IIS Manager.
  • Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this).
  • Double click on "Request Filtering".
  • Change to the HTTP Verbs tab.
  • From the Actions pane, select "Deny Verb".
  • Insert 'OPTIONS' in the Verb, and press OK to save changes.

Regards
R.Karthikeyan

at 1 comment:

Tuesday, July 3, 2018

list of Windows PowerShell commands Useful for administrators

Add a DLL to the GAC


1. Run the Power Shell console as Administrator.
2. Enter the following PowerShell

Set-location "c:\Folder Path"            
[System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")            
$publish = New-Object System.EnterpriseServices.Internal.Publish            
$publish.GacInstall("c:\Folder Path\DLL.dll")            
iisreset

Remove a DLL from the GAC

1. Run the PowerShell console as Administrator.
2. Enter the following Power Shell

Set-location "c:\Folder Path"            
[System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")            
$publish = New-Object System.EnterpriseServices.Internal.Publish            
$publish.GacRemove("c:\Folder Path\DLL.dll")            
iisreset

Regards
R Karthikeyan
at No comments:

Monday, March 26, 2018

users temp profile deleting without restart


Delete their profile along with the corresponding registry key which can be found in,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
In the profile list tree are a list of folders that start with "S-1-5-21-000-2323-" and so on, each one of these folders corresponds to a profile. Click each one, and in the right hand pane you will see something similar to "ProfileImagePath" where the patch shown will show the users logon ID at the very end. Find the folder with that users logon ID and delete it. Have the user now try and logon again which should force a new profile to be built.
at No comments: