ASP not working....

[dcxman 0]

I just setup a Win2K Adv Svr with IIS admin setup (done it a million times). Is there any reason why active server pages might not work? Is there an area somewhere in Adv. Server that I may have to go to in order to check if the extensions for ASP are turned on?

 

The only thing unique about this server is that it has Cold Fusion Server Professional 4.5 running on it as well.

 

Thanks to those is advance that can help or try to help.

 

Been pulling out my hair on this one (what little I have of it)

[CUViper 0]

Need more details here.... what do you mean by not working? Do you get an error message? Have you checked the error logs?

[clutch 1]

ASP is run by an integrated compiler on the server itself, so there shouldn't be a need to turn it "on". However, there are a couple of settings in the IIS control panel that allow for script execution (defualts should be fine though). So, to repeat what was asked, what are your errors?

[dcxman 0]

The error that came up was as follows:

 

 

 

 

The page cannot be found

The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

 

--------------------------------------------------------------------------------

 

Please try the following:

 

If you typed the page address in the Address bar, make sure that it is spelled correctly.

 

Open the 142.xxx.xxx.xxx ;(xxx home page, and then look for links to the information you want.

Click the Back button to try another link.

Click Search to look for information on the Internet.

 

 

 

HTTP 404 - File not found

Internet Explorer

 

END

 

 

This is when I try to bring up the default.asp

[dcxman 0]

Damn I put this it the main thread area. Sorry about Mr. Moderator. If you can please delete it from the main thread area.

Thanx

 

 

 

Sorry guys, I also forgot to mention the patches that I have installed that were from Microsoft.

 

 

code red patch (q300972_w2k_sp3_x86_en.exe)

IIS Lock Down for nimdA fix (IISLockD.exe)

Service Pack 2 (W2KSP2.exe)

 

I'm wondering if the IIS Lock Down would affect ASP extensions from working?

 

Thanks again guys.

[clutch 1]

Quote:

IIS Lock Down for nimdA fix (IISLockD.exe)

 

 

Yep, that can do it if you just setup the defaults. You will have this entry in your "urlscan.ini" file located at %windir%\system32\inetsrv\urlscan:

 

Code:

[AllowExtensions];; Extensions listed here are commonly used on a typical IIS server.;; Note that these entries are effective if "UseAllowExtensions=1"; is set in the [Options] section above.;.asp.htm.html.txt.jpg.jpeg.gif.css

 

Make sure that the "Allow Extensions" option is enabled, and that ".ASP" is listed. You can also confirm that ASP files are being blocked by checking out the URLScan Log file located in that same directory. Once you amend the ini file to allow for ASP extensions, restart your IISAdmin service (which will restart several other services, depending on your configuration) and the new ini file will be loaded.

[dcxman 0]

Thanx Clutch!

 

I found out a bit too late using trial and error method. I did a complete format and tested ASP with each patch install and sure enough it crapped out with the IIS Lock Down.

 

I tried looking for the "urlscan.ini" but it doesn't seem to exist. I did a complete search for it on the HDD as well without luck. Did I get the filename right?

 

I did an "undo" with IIS Lock Down and it did not restore ASP. I re-did the IIS Lock Down and this time chose in the custom settings to not include ASP extensions but this did not work as well.

 

I guess you're just pretty my SOL if you install IIS Lock Down period.

 

Microsoft's beginning to really peeve me.

 

Thanx again Clutch.

[clutch 1]

Are you using IISLockDown v2? That's the one that installs URLScan, and hence the blocking ability. It actually works extremely well and reduces server overhead while processing annoying attacks like the ones from CodeRed/Nimda infections. Instead of handling the URL and resolving it as unavailable, the filter just drops the request and sends back a "404" while logging it. Check to see if that directory exists, and make sure that you can view all hidden and system files as well.

[dcxman 0]

Well, to say the least, I was using IIS LockDown v.1 which was the only one available at the time nimdA attacked our area. I didn't realize that there was a version 2 out. Just came out in November from what I can see of the release date.

 

I hit the "undo" on version 1 and then setup version 2. I chose the "Dynamic Web Server (ASP enabled)" template configuration and allowed ASP extensions through the "view settings template" option. No luck I still get the same error not allowing an ASP to come up. I went into the "urlscan.ini" to manually select the ASP configuration and changed "UseAllowExtensions=0" to "UseAllowExtensions=1"

saved it and rebooted. No luck there as well. Still the same error. Whatever the first IIS LockDown v.1 did v.2 can't seem to undo it.

 

This is a newly formatted system just bare default services and patches running.

 

Thanx again Clutch for trying to help.

[clutch 1]

But before you installed lockdown, it worked fine? That's weird, I have used it on 6 or 7 servers myself without any issues from normal websites (Outlook Web Access takes more fiddling). If you run it again and uninstall it, it works fine? And, do you now have a urlscan log file in the directory I mentioned earlier?