Blog Archives

VBScript: Windows XP/IIS 5.1 DOES Support Denying Access by IP Addresses

In helping a visitor to troubleshoot running my IIS FTP ban script, I realized that while XP makes it appear as though it doesn’t support banning users by IP address, it actually does provide that support; you just have to

Posted in IIS, Security, VBScript

VBScript: Kerberos, Delegation, IIS and User Authentication

Recently, I wanted to write a web-based front end to AD User Management for our help desk. The way that I set it up apparently broke some Kerberos delegation rules and even though Microsoft wrote a step-by-step guide on how

Posted in Active Directory, IIS, VBScript

VBScript: Stop Dictionary FTP Attacks in IIS using VBScript

Spencer Ruport of netortech.com modified my FTP ban script into one that stops dictionary attacks. And he chooses not to ban via the problematic IIS way but instead creating a bad route for the offending IP address. Pretty darn ingenius.

Posted in IIS, VBScript

IIS: Instantly Ban IPs Attempting to Login to MS-FTP as Administrator

UPDATE 12/18/06: The startup script has been modified slightly (cscript.exe was changed to wscript.exe). Now, console users will no longer encounter a blank black box upon login. UPDATE 11/21/06: Now that banning at the IP level has been added to

Posted in IIS, Security, VBScript

IIS: MD_CUSTOM_ERROR (6008)

I recently loaded up one of my servers and out of nowhere, I ran into this error: Server Configuration Error The server has encountered a configuration error attempting to process your request. The configuration parameter MD_CUSTOM_ERROR (6008) has an invalid

Posted in IIS, Linux

ASP: mod_rewrite or URLRewrite with Classic ASP (Sorta)

Using a Custom 404 error script in IIS makes it possible to emulate a very basic URL rewrite. Sample Environment – IIS 6 – Website domain: “www.me.com” – URLRewrite directory: “code” Steps 1. Create a file named rewrite.asp in the

Posted in IIS

ASP: Sustain Remote Cookie Sessions in an ASP/VBScript

I dug up this cold from my old netnerds blog. For Googlers wondering if sustaining a remote session is possible, the answer is yes; I’ve sustained remote cookie sessions using both ASP & VBScript. I’ve provided simplified code below. It

Posted in IIS, VBScript

VBScript: Ban IPs in IIS Programatically

I used the following code a while back as part of a solution to automate the banning of spammers via their IP address. 'Here, we will pretend this is an imported list Dim XMLarr(1) XMLarr(0) = "65.19.238.21" XMLarr(1) = "198.31.175.100"

Posted in IIS, Security, VBScript