directory file list---insecure or not?

Computing.Net > Forums > Windows 2000 > directory file list---insecure or not?

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

directory file list---insecure or not?

Name: Anthony
Date: August 20, 2002 at 07:27:51 Pacific

Comment:

Hi,
The following scenario appeared after settin up IIS server:
"users report that the only information they are seeing in their browser is a list of .htm and .asp files. For security reasons, the first action you need to take is to disable the user’s ability to view files of all web sites in the form of a list."
i'm wondering why it is considered "insecure" if users are able to view file list? there are many sites on the web that display files in this fashion and users can choose which files to view or download... any help?
Thanks
Anthony

Sponsored Link

Ads by Google

Response Number 1

Name: dan
Date: August 20, 2002 at 07:33:50 Pacific

Reply:

There is nothing insecure about viewing the list, but combine that will all the actual security holes in IIS, you got problems.

Response Number 2

Name: Rick
Date: August 21, 2002 at 04:38:56 Pacific

Reply:

Simply un-check "allow directory browsing" on the web site. It's not considered good policy to allow this, due to scripts, exe's and such being able to be downloaded, edited, etc. Normal web viewing does not allow most of that kind of activity and can be controlled better.
Letting users browse the files is the same as sharing your hard drive with them, would that be secure?

Sponsored Link

Ads by Google

mac print file list perl file list win2003 file list slow	boot file list php sort file list robocopy file list
See More

DNS forwarding problem

changing irq in2000

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Windows 2000 Forum Home

Sponsored links

Ads by Google

Results for: directory file list---insecure or not?

Windows 2000 could not start c:\winnt\sytem32\config\SYTEMced file is missing or corrupt

Summary

www.computing.net/answers/windows-2000/windows-2000-could-not-start-cwinntsytem32configsytemced-file-is-missing-or-corrupt/6106.html

Directory/files list browsing over the W

Summary

www.computing.net/answers/windows-2000/directoryfiles-list-browsing-over-the-w/19078.html

Batch file

Summary

www.computing.net/answers/windows-2000/batch-file/32831.html

From the Geek Dictionary
Input Device - an Input Device is anything that sends information to your computer,two of ...

Ask a Question!

Weekly Poll
Did you go shopping on Black Friday?

Poll Finishes In 5 Days.
Discuss in The Lounge
Poll History

Recent Posts
Video driver

Ubuntu 9.10 Not Recognizing Wireless card

Program appear and dissapear quickly

sound problems

Front panel audio connections

All Awaiting Reply

Tom's News
Man Pleads Guilty Selling Fake Chips to Navy

Threatening Rap on YouTube Lands Two in Jail

New Final Fantasy XIII Trailer is 5 Minutes Long

Guy Quits Job With Error Message

Verizon Takes on Sprint's 3G Network (And Wins)

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE