1) virtual site
Know how to create a virtual web site given a DOS path and the IP address
2) virtual directory
Know how to create a virtual directory given a UNC path, username and password. If username is not given, you'll have to use the default anonymous name.
3) Anonymous access and Authentication Control
Know how to disable Anonymous Access. (Make sure the virtual directory is pointing to the correct directory).
Know how to enable Anonymous password synchronization with Windows NT.
Know how to allow only certain individual to access a particular virtual directory.
Be able to assess what is encrypted - password/username - by looking at the security settings of a web server. If you Allow Anonymous, no username and password will be transmitted because the server will automatically logon using the Anonymous account. By using Basic Authentication, username and password are not encrypted but are sent as clear text. The username and password will only be encrypted if you are using Windows NT Challenge/Response. In fact, only the hashed password will ever be transmitted.
4) blocking ip
Know how to deny all computers except for certain IPs to access the web site. Know how to configure the subnet mask too.
Know how to deny a single IP address to access the web site.
5) connections
Know how to decrease the number of inactive connections without decreasing the number of users (ie connection) or without decreasing the timeout value. This means to disable HTTP Keep Alives.
ISAPI Filter
Know how to add an ISAPI filter.
HTTP Header
Know how to set up an HTTP header.
MIME (under HTTP Header tab)
Know how to add additional MIME type to a web site.
1) FTP Sites
Know how to create FTP sites given the site names and path. Make sure you know how to allow uploads and downloads or just download.
2) FTP Virtual Directory
Know how to create virtual FTP directories pointing to local drives.
Know how to create FTP virtual directories using UNC path.
3) FTP Port
Know how to change TCP Port number given the site name and directory.
4) FTP Security
Know how to disable access for a specific user given his IP address.
Know how to check for what IP adresses blocked.
5) FTP Path
Know how to change the directory listing mode from DOS to Unix for a default FTP site.
6) FTP Connection
Know how to change concurrent connections value.
7) FTP Logging
Know how to enable logging on the default web and FTP sites, and configure it to start new logs when the file size reaches 4MB
Know how to track Anonymous logins on the Default FTP site, and do NOT track anonymous logins on the Default Web Site.
Wednesday, December 03, 2003