I tested this here in the lab. Fresh install of Windows 2000 Advanced Server onto a 5gig clean NTFS partition. I accepted all the default settings. During installation, when I was asked to select installation components, I unchecked IIS and continued with installation. After installation was complete, I checked Services and found no IIS services to be installed or running. To test a suggestion someone else had made to Focus-MS, I went into Add/Remove Programs and selected Add/Remove Windows components. From there, I went into the Networking Components list and checked COM Internet Services Proxy. When I clicked Ok and was back at the top-level component selection screen, IIS had automatically been checked off. If I attempted to uncheck IIS, a message dialog popped up stating that another component I was trying to install was dependant on IIS and listed COM Internet Services Proxy as the component. I don't believe that this is a bug or a vulnerability, just something to pay attention to when installing any software or components. Marc Fossi, MCSE SecurityFocus www.securityfocus.com On Mon, 27 Aug 2001, Margaret CTR Rhodes wrote: > This may be a subject answered in the past, but I haven't seen anything on it > lately. > > Yesterday, our systems administrator, Mike Miller of RS Information Systems, > loaded Win2000 on a server and deselected IIS. Despite this, IIS loaded anyway > with no notification that the deselection had been ignored. He tried this a > couple of times and our Incident Response team is testing it now. The only way > he knew that it loaded was that he went in and checked the list of services--and > there it was! > Is there any information out there about this on any version of W2K? > > There were several people out there that may not have put the patch on because > they deselected IIS--and then were hit with Code Red. > > Here is the configuration of the machine. > > It's a Gateway E-5200 > Processor - Pentium III 600 MHZ > Memory - 256 MB > Adaptec 29160 Controller > Hard Drive - IBM DMVS 18.2 GB > Nic - 3C905c > Win2000 Basic > > Maggie Rhodes > ISS Analyst > RS Information Systems > > >
This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 15:31:39 PDT