Bryce
Mon Jan 05 14:52:04 CST 2004
"Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message
news:%2305UuDy0DHA.2000@TK2MSFTNGP11.phx.gbl...
> Assuming you have execute permissions set to none or scripts only, it
> shouldn't allow EXE's to run
>
> Of course, allowing EXE's at all could possibly be a risk, so it may just
be
> better to ZIP or rename them...
>
> --
> --Jonathan Maltz [Microsoft MVP - Windows Server]
>
http://www.visualwin.com - A Windows Server 2003 visual, step-by-step
> tutorial site :-)
>
http://vpc.visualwin.com - Does <insert OS name> work on VPC 2004? Find
out
> here
> Only reply by newsgroup. Any emails I have not authorized are deleted
> before I see them.
>
>
> "Bryce" <fukuzzz@takethisout.hotmail.com> wrote in message
> news:RB1Kb.127$cJ3.105416@news.uswest.net...
> >
> > "Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message
> > news:%2326s$vW0DHA.2456@TK2MSFTNGP10.phx.gbl...
> > > In %WINDIR%\System32\Inetsrv\URLscan\urlscan.ini, look for the line,
> > ".exe"
> > > under the section " [DenyExtensions]". If you find
> > > it, delete it. If not, then post back what "UseAllowExtensions" is
set
> > to.
> > >
> > > After it's deleted, restart IIS
> > >
> > > --
> > > --Jonathan Maltz [Microsoft MVP - Windows Server]
> > >
http://www.visualwin.com - A Windows Server 2003 visual, step-by-step
> > > tutorial site :-)
> > > Only reply by newsgroup. Any emails I have not authorized are deleted
> > > before I see them.
> > >
> > >
> > > "Bryce" <fukuzzz@takethisout.hotmail.com> wrote in message
> > > news:BbjJb.920$Gn2.66869@news.uswest.net...
> > > > How can I get URLscan to let a user download an .exe file? It just
> won't
> > > let
> > > > users do it.
> > > >
> > > > Thanks.
> > > >
> > > >
> > >
> > >
> >
> >
> > Would this in turn allow users to run exe's on the server or just permit
> > them to download an exe?
> >
> > Thanks.
> >
> >
> >
>
>
That is a good idea. I will zip them all. That solves it right there.
Thanks!