![]() ![]() Expand the server name’s folder and click on the Sites folder to load a list of sites in the content pane. However, in general, From the Windows Start menu, go to Administrative Tools and click on Internet Information Services NS) Manager. Note: The log storage location may vary if the administrator has made a configuration to record and store the logs in some other location. Most often, the log file(s) is/are located at %SystemDrive%inetpub\logs\LogFiles. The IIS logs provide useful information regarding the user activities. On the occurrence of such attacks, forensic investigators examine the IIS logs to trace the attempts made by the attacker to exploit the server. The IIS server might become vulnerable if there are any coding or configuration issues, which can allow attackersto exploit it if not addressed on time. Related Product : Computer Hacking Forensic Investigator | CHFI Investigating IIS Logs This is disturbing, as there is no inherent need for inetinfo.exe to invoke a command prompt. Without service packs or hot fixes in 115 web server, there are numerous possibilities that an IIS process inetinfo.exe calls a command shell. ![]() The open architecture of 115 enables an attacker to exploit the web with malicious content. IIS depends mostly on a group of dynamic-link libraries (DLLs) that work collectively with the main server process (inetinfo.exe) capturing different functions, for e.g., content indexing, server-side scripting, web- based printing, etc.
0 Comments
Leave a Reply. |