HTTPS protocol transfers data using encryption. Is request URL encrypted or
is it available in plain text when packets are transmitted? I'd like to use
query part of URL to pass request id and I wonder if that request ID is
encrypted or not.

I'm trying to get a CGI to use delegated Kerberos authentication.  The
environment is IE6 on the client (A) and IIS6 on two servers (B and C).
Delegated authentication is working with ASP, according to
http://support.microsoft.com/kb/314404 but when I substitute the CGI for

I have an internal-only web app which I want to use a Windows Integrated
Security to control access.  I setup the Properties - Directory Security -
Authentication and Access Control ensuring Anonymous Access is NOT checked
and Integrated Windows Authentication is checked.

I'm developing an web application with DCOM interfaces.
When I run the application from VS2005 (internal Web Server), I don't have
any problem accessing to the DCOM hosted by another machine.
When I run the application from a virtual directory configured in IIS 7

trying to get the following setup to work:
      Http SPNEGO                         SPNEGO via CORBA
IE  <---------------------> IIS <---> CGI
<--------------------------------> AppServer

Hi every body,
I wonder why it is forbidden for a CGI application to do certain things,
which I consider quite harmless from a server point of view, like for
instance play a sound or encrypt/decrypt data.

I have a Win2K domain and need to create an intranet web server.  I'm
concerned about the security, will do a clean install of Windows 2000
Server/IIS 5, and am referencing the following document,
http://windowsitpro.com/articles/print.cfm?articleid=22274 but I'm still

Configured IIS6 on W2003 using Microsoft document :
- created iisadmpwd virtual directory
- registered iispwdchg.dll
- configured metabase PasswordChangeFlags

We have two 2003 AD forests with trusts in place and we are in the process
of building a intranet. We have set the security to Windows intergrated
authentication. When a user in forest1 (the one that also has the web server)
tries to access the site it works fine. When a user in ...

I can not get Kerberos to work on my web server. I have done all of Ken
Schaefers troubleshooting techniques still to no avail. I created a test.htm
page and when i hit it, I check the security event log and it is still using
NTLM. Any ideas why Kerberos is not running? I am ...

We are required to have failure auditing on the HKLM\Software and HKLM\System
registry hives (implemented recently) and now we are getting several thousand
of the following event in just a couple of days.  Why does it need all the
WRITE, Set, and Create access privileges?  No IIS ...

my configuration: windows xp prof sp2 with IIS 5.1.
I have several asp.net applications some using login/password (with
Anonymous authentification set in IIS) and others using the windows account
(with Integrated Windows Authentification).

Having trouble with my URL redirects.  I would like to redirect from
safe.check.com to safe.mydomain.com:2200, but want to hide the port.  Is
there a flag that would limit the address in the browser to
safe.mydomain.com?

I have a virtual directory in IIS 6 pointing to a network share using a
specified username/pwd to connect to the share. I can see that it connects
properly but I can not browse the web root folder I get an htto 500 error. I
am unsure of what is wrong or what to change. The actual ...

Hello together,
I have the following question:
I want to enable anonymous access for a HTTPS-website.
The website is located in a local path on the IIS-server.