IIS Web proxy allowing anon access (cross post)

corpanarchy · Feb 6, 2003

Having issues with anonymous users being able to use our proxy to route on to external sites. The ips are external. Setup the ACL for a new group called

http://WWW Proxy,

removed machine accounts from the group. It forces logon from IE within the domain but still I see anonymous logons when I go and look at the connection. (In addition to my users.)

I've set the registry to disallow anonymous access to shares, gone through every permission based protocol in IIS and disabled unnecessary web services.

Can't help but think we're being used for something untoward, most sites are pr0n and web based mail.

Help?!!!

GiaBetiu · Feb 9, 2003

Because your clients are accessing external servers, could not be a problem related with NTFS rights, or something like this.
The problem is in proxy. Authorization is coming from proxy, right?
Then, you have to configure your proxy to not allow anonymous access. How? Depends on the proxy you are using. Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, soon MCSE2k

corpanarchy · Feb 10, 2003

Found out what it was on a teeny little blurb in microsoft documentation. You can disallow anonymous access to the various services in IIS all you like but if the default website is set to allow, it doesn't make a difference.

Had to kill the anonymous access to the ftp service.

That did it 0_0.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

IIS Web proxy allowing anon access (cross post)

corpanarchy

IS-IT--Management

GiaBetiu

MIS

corpanarchy

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor