Ping a Specific Port

Question

Eric H

Asked: 2009-06-03 09:23:54 +0800 CST2009-06-03 09:23:54 +0800 CST 2009-06-03 09:23:54 +0800 CST

Why do passwords and ACL entries change within IIS 6.0 MetaBase.xml?

772

I am attempting to monitor changes to IIS server configuration with TripWire, and have noticed the IIS 6.0 MetaBase.xml file is frequently changed. I understand that IIS frequently backs up the MetaBase, but why would values for the various ACL and password entries change with each revision?

The values that change:
AdminACL
AnonymousUserPass
LogOdbcPassword
WAMUserPass
UNCPassword

New revisions are triggered by simply opening iis.msc, even though none of the settings are changed.

1 Answers

Voted

Evan Anderson · Answer 1 · 2009-09-17T15:06:47+08:00

Best Answer

Evan Anderson

2009-09-17T15:06:47+08:002009-09-17T15:06:47+08:00

It appears to be salting the vaues on each export.

These propeties are all "SECURE" properties (see http://technet.microsoft.com/en-us/library/cc775980(WS.10).aspx) and Microsoft makes an attempt to obscure them in the XML file.

The encryption appears to be "salted" with the timestamp, version number, or both (I can't get a clear description of the algorithm anywhere) of the XML file. It appears that the IIS management snap-in calls the IIsComputer.SaveData (http://msdn.microsoft.com/en-us/library/ms524872.aspx) API and that, in turn, writes a fresh XML export with the newly-salted values.

2

Why do passwords and ACL entries change within IIS 6.0 MetaBase.xml?

Ping a Specific Port

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What's the command-line utility in Windows to do a reverse DNS look-up?

How to check if a port is blocked on a Windows machine?

What port should I open to allow remote desktop?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?