OmniSecu.com Logo  
omnisecu.com free mcse ccna rhce linux java learning
omnisecu.com free mcse ccna rhce linux java learning
          Sharefacebook twitter google+ google bookmark yahoo bookmark delicious digg linkedin pinterest reddit stumbleupon evernote diigo blinklist blogmarks livejournal email feed

Tutorials

Securing Access Control in Internet Information Services (IIS) 7 , Anonymous Web Server Access, IUSER accout

External Resources

Internet Information Services (IIS) 7 uses a named user account to authenticate anonymous web site visitors.  This account on Internet Information Services (IIS) 7 server is created when you install Internet Information Services (IIS) 7 on Windows Operating System. The used account which is used to authenticate anonymous web site visitors to Internet Information Services (IIS) 7 web site is called IUSER_<computer_name>. This user account is visible when you open Local Users and Groups node in Server Manager, as shown below.

IUSER user account

When a Web visitor accesses a Web site, the Internet Information Services (IIS) 7  will automatically logs that user on using the IUSER_<computer_name> account. This method of authenticate anonymous web site visitors using the IUSER_<computer_name> account allows system administrators granular access control on a Web server so that all anonymous users have the same level of access. This also allows the users who accessing the web site through their own user accounts for another level of access.

The access permissions of the web user accounts for anonymous logins should be restricted to the lowest level, so they cannot log on locally to the server nor access any resource outside the root of the web site.

IUSER_<computer_name> account ideally should not have the permission to write server hard disk or execute programs on server. If there is a need for other user accounts to grant certain users a higher level of access permission than the anonymous IUSER_<computer_name> account, administrator should create user accounts in server only to access the web site. Internal user accounts should not be used to login to the web server. It is a great threat to security if internal users, who can logon locally to internal machines, are exposed outside.

              Jajish Thomason Google+
Related Topics

No Related Topics Available

comments powered by Disqus


eXTReMe Tracker DMCA.com