![]() While I can (and have) used a custom port for RDP and don't even use FTP at all, we can't change port 80 if we expect things to work right. But the site uses Exchange, and we'd like to polish up and provide remote access for the users. Types that I KNOW a company's users are not doing (because the company's users don't even know remote access is available or what the address is). Seeing w3wp.exe activity all the time, blown-up log files, and to go through those log files seeing thousands of requests of various So it's really quite frustrating to do some work for a company and have to fight with IIS to make it secure and perform well. Products like Exchange could just communicate like everything else does - internally over shared memory or named pipes using its own (more-optimized!) protocols. It's very frustrating that Microsoft ties something as hackable as IIS in so closely with Windows functions like RPC-over-HTTP and integrated Windows authentication. Mix of authentication that opens it up to such attacks. I do this because Apache doesn't have any integration with Windows at all, or the resulting Personally, I run Apache on my Windows home server (even though WHS comes with IIS!) to serve my personal website from home. I've faced this issue with IIS for a while now.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |