David
Tue May 13 17:33:11 CDT 2008
On May 13, 2:01 pm, abee...@yahoo.com wrote:
> On May 11, 1:57 am, David Wang <w3.4...@gmail.com> wrote:
>
> > On May 9, 6:17 am, abee...@yahoo.com wrote:
>
> > > Hi everyone,
>
> > > I am working on securing a win2k03 box and would like to remove the
> > > iisadmpwd folder within the windows directory structure.
>
> > > I have seen other posts and have run the vb script to disable the
> > > password changing feature embedded in the files and scripts located in
> > > this folder. Specifically.. adsutil.vbs set
> > > w3svc/1/PasswordChangeFlags 2
>
> > > But the folder and files are still un-deletable.
>
> > > Does anyone know of a procedure for removing this folder and its
> > > contents?
>
> > > Regards,
>
> > > AB
>
> > Since all IIS files are protected by Windows File Protection, you'll
> > have to defeat that to do what you want. But I don't see why you need
> > to do it because without the virtual directory pointing to iisadmpwd,
> > those files are no different from any other file installed by Windows
> > and your desire to secure it.
>
> > //David
> > http://w3-4u.blogspot.com
> > http://blogs.msdn.com/David.Wang
> > //
>
> Hi David,
>
> Thank you for the pointer.
>
> The reason why I want to delete the folder is that it surfaced in a
> security audit scan on a machine about to go into production.
>
> Regards,
>
> Andrew

The results of the security audit scan seem quite arbitrary to me.
It could complain about cmd.exe being present on the machine since
remote exploits try to get a remote shell from it. That file is also
under Windows File Protection and is admittedly far more dangerous
than iisadmpwd.

Yet this security scan chooses to complain about something that is not
accessible (you got rid of the vdir definition in IIS, yes? And not
just set a metabase property) yet ignore something that is readily
targeted and more exploitable.

So, yes, you can make a judgement about the validity of the security
audit scan's result. I would only treat it under advisement, not
sacred. But that depends on your situation.

//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//