IUSR - Anonymous Logon

  • Thread starter Thread starter Amin
  • Start date Start date
A

Amin

Hi,

Microsoft Security for Windows 2003 Document suggest adding "Anonymous
Logon" to "Deny Access to this computer from network" for IIS Hardening. Is
this a correct setting for internet-facing web servers?! because I think
this setting will avoid internet users' access to web server and just
authenticated users can access web server. (IUSR is treated as Anonymous
Logon, right?)

Regards,
Amin.
 
Amin said:
Hi,

Microsoft Security for Windows 2003 Document suggest adding "Anonymous
Logon" to "Deny Access to this computer from network" for IIS Hardening. Is
this a correct setting for internet-facing web servers?! because I think
this setting will avoid internet users' access to web server and just
authenticated users can access web server. (IUSR is treated as Anonymous
Logon, right?)

Regards,
Amin.
Click to expand...

"Anonymous Logon" refers to connection where the user has not supplied any
user credentials. When a user accesses a web server, he/she is not
authenticated, BUT the IIS server will authenticate them as the IUSR_machine
name, which is a know local user account, and is not anonymous.

The "Anonymous Logon" could be users trying to access DCOM, RPC, LDAP etc on
that computer and not supplying any user credentials.


Arild
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

file permissions - anonymous web user 2
ACCESS AN ACCESS DATABASE FROM ASP.NET INTRANET SCENARIO 7
Anonymous Logon rights 1
ANONYMOUS LOGON 1
running logon scripts - synchronously 0
IIS account used for anonymous access 1
web.config and Anonymous Authentication problems ??? 0
ODBC and subweb with anonymous browsing disabled problem 1

Back
Top