13-05-2021

Vermeer 2 Patch Update Pph

Internet Information Services (IIS, formerly Internet Information Server) is an extensible web server created by Microsoft for use with the Windows NT family.[2] IIS supports HTTP, HTTP/2, HTTPS, FTP, FTPS, SMTP and NNTP. It has been an integral part of the Windows NT family since Windows NT 4.0, though it may be absent from some editions (e.g. Windows XP Home edition), and is not active by default.

Internet Information Services
Screenshot of IIS Manager console of Internet Information Services 8.5
Developer(s)Microsoft
Initial releaseMay 30, 1995
Stable release
Written inC++[1]
Operating systemWindows NT
Available inSame languages as Windows
TypeWeb server
LicensePart of Windows NT (same license)
Websitewww.iis.net

Aplikasi e-SPT PPh Pasal 21 sampai saat ini telah mencapai update versi 2.3.0, dengan file patch ini Anda dapat memperbaharui installer atau patch versi sebelumnya yaitu versi 2.2.0.1. Patch e-SPT PPh Pasal 21 versi 2.3.0 tersebut dapat anda unduh pada link yang kami persiapkan dibawah. 629-0984 N 2 LOCATIONS QUALITY & VALUE SINCE 1974 315-8700. Ment, needs to update it. There's confusion, especially at the intersection of (State Road).

History

The first Microsoft web server was a research project at the European Microsoft Windows NT Academic Centre (EMWAC), part of the University of Edinburgh in Scotland, and was distributed as freeware.[3] However, since the EMWAC server was unable to handle the volume of traffic going to Microsoft.com, Microsoft was forced to develop its own web server, IIS.[4]

Almost every version of IIS was released either alongside or with a version of Microsoft Windows:

  • IIS 1.0 was initially released as a free add-on for Windows NT 3.51.
  • IIS 2.0 was included with Windows NT 4.0.
  • IIS 3.0, which was included with Service Pack 2 of Windows NT 4.0, introduced the Active Server Pages dynamic scripting environment.[5]
  • IIS 4.0 was released as part of the 'Option Pack' for Windows NT 4.0. It introduced the new MMC-based administration application.
  • IIS 5.0 shipped with Windows 2000 and introduced additional authentication methods, support for the WebDAV protocol, and enhancements to ASP.[6] IIS 5.0 also dropped support for the Gopher protocol[7]
  • IIS 5.1 was shipped with Windows XP Professional, and was nearly identical to IIS 5.0 on Windows 2000.
  • IIS 6.0, included with Windows Server 2003 and Windows XP Professional x64 Edition, added support for IPv6 and included a new worker process model that increased security as well as reliability.[8]
  • IIS 7.0 was a complete redesign and rewrite of IIS, and was shipped with Windows Vista and Windows Server 2008. IIS 7.0 included a new modular design that allowed for a reduced attack surface and increased performance. It also introduced a hierarchical configuration system allowing for simpler site deploys, a new Windows Forms-based management application, new command-line management options and increased support for the .NET Framework.[9] IIS 7.0 on Vista does not limit the number of allowed connections as IIS on XP did, but limits concurrent requests to 10 (Windows Vista Ultimate, Business, and Enterprise Editions) or 3 (Vista Home Premium). Additional requests are queued, which hampers performance, but they are not rejected as with XP.
  • IIS 7.5 was included in Windows 7 (but it must be turned on in the side panel of Programs and Features) and Windows Server 2008 R2. IIS 7.5 improved WebDAV and FTP modules as well as command-line administration in PowerShell. It also introduced TLS 1.1 and TLS 1.2 support and the Best Practices Analyzer tool and process isolation for application pools.[10]
  • IIS 8.0 is only available in Windows Server 2012 and Windows 8. IIS 8.0 includes SNI (binding SSL to hostnames rather than IP addresses), Application Initialization, centralized SSL certificate support, and multicore scaling on NUMA hardware, among other new features.
  • IIS 8.5 is included in Windows Server 2012 R2 and Windows 8.1. This version includes Idle worker-Process page-out, Dynamic Site Activation, Enhanced Logging, ETW logging, and Automatic Certificate Rebind.
  • IIS 10.0 version 1607 a.k.a. version 10.0.14393 is included in Windows Server 2016 released 2016-09-26 and Windows 10 Anniversary Update released 2016-08-02. This version includes support for HTTP/2[11], running IIS in Windows containers on Nano Server, a new Rest management API and corresponding web-based management GUI, and Wildcard Host Headers[12].
  • IIS 10.0 version 1709 is included in Windows Server, version 1709 (Semi-Annual Channel) and Windows 10 Fall Creators Update both released 2017-10-17. This version adds support for HSTS, container enhancements, new site binding PowerShell cmdlets, and 4 new server variables prefixed with 'CRYPT_'[13].
  • IIS 10.0 version 1809 a.k.a. version 10.0.17763 is included in Windows Server 2019 and Windows 10 October Update released 2018-10-02. This version added flags for control of HTTP/2 and OCSP Stapling per site, a compression API and implementing module supporting both gzip and brotli schemes, and a UI for configuring HSTS[14].

All versions of IIS prior to 7.0 running on client operating systems supported only 10 simultaneous connections and a single website.

Microsoft was criticized by vendors of other web server software, including O'Reilly & Associates and Netscape, for its licensing of early versions of Windows NT; the 'Workstation' edition of the OS permitted only ten simultaneous TCP/IP connections, whereas the more expensive 'Server' edition, which otherwise had few additional features, permitted unlimited connections but bundled IIS. It was implied that this was intended to discourage consumers from running alternative web server packages on the cheaper edition.[15] Netscape wrote an open letter to the Antitrust Division of the U.S. Department of Justice regarding this distinction in product licensing, which it asserted had no technical merit.[16] O'Reilly showed that the user could remove the enforced limits meant to cripple NT 4.0 Workstation as a web server with two registry key changes and other trivial configuration file tweaking.

Features

IIS 6.0 and higher support the following authentication mechanisms:[17]

  • Anonymous authentication
  • UNC authentication
  • .NET Passport Authentication (Removed in Windows Server 2008 and IIS 7.0)[18]
  • Certificate authentication

IIS 7.0 has a modular architecture. Modules, also called extensions, can be added or removed individually so that only modules required for specific functionality have to be installed. IIS 7 includes native modules as part of the full installation. These modules are individual features that the server uses to process requests and include the following:[19]

  • Security modules: Used to perform many tasks related to security in the request-processing pipeline, such as specifying authentication schemes, performing URL authorization, and filtering requests.
  • Content modules: Used to perform tasks related to content in the request-processing pipeline, such as processing requests for static files, returning a default page when a client does not specify a resource in a request, and listing the contents of a directory.
  • Compression modules: Used to perform tasks related to compression in the request-processing pipeline, such as compressing responses, applying Gzip compression transfer coding to responses, and performing pre-compression of static content.
  • Caching modules: Used to perform tasks related to caching in the request-processing pipeline, such as storing processed information in memory on the server and using cached content in subsequent requests for the same resource.
  • Logging and Diagnostics modules: Used to perform tasks related to logging and diagnostics in the request-processing pipeline, such as passing information and processing status to HTTP. sys for logging, reporting events, and tracking requests currently executing in worker processes.

IIS 7.5 includes the following additional or enhanced security features:[20]

  • Client certificate mapping
  • IP security
  • Request filtering
  • URL authorization

Authentication changed slightly between IIS 6.0 and IIS 7, most notably in that the anonymous user which was named 'IUSR_{machinename}' is a built-in account in Vista and future operating systems and named 'IUSR'. Notably, in IIS 7, each authentication mechanism is isolated into its own module and can be installed or uninstalled.[18]

IIS 8.0 offers new features targeted at performance and easier administration. The new features are:

  • Application Initialization: a feature that allows an administrator to configure certain applications to start automatically with server startup. This reduces the wait time experienced by users who access the site for the first time after a server reboot.[21]
  • Splash page during application initialization: the administrator can configure a splash page to be displayed to the site visitor during an application initialization.[21]
  • ASP.NET 4.5 support: With IIS 8.0, ASP.NET 4.5 is included by default, and IIS also offers several configuration options for running it side-by-side with ASP.NET 3.5.[22]
  • Centralized SSL certificate support: a feature that makes managing certificates easier by allowing the administrator to store and access the certificates on a file share.[23]
  • Multicore scaling on NUMA hardware: IIS 8.0 provides several configuration options that optimize performance on systems that run NUMA, such as running several worker processes under one application pool, using soft or hard affinity and more.[24]
  • WebSocket Protocol Support[25]
  • Server Name Indication (SNI): SNI is an extension to Transport Layer Security, which allows binding of multiple websites with different hostnames to one IP address (similar to how Host Headers are used for non-SSL sites).[26]
  • Dynamic IP Address Restrictions: a feature that enables an administrator to dynamically block IPs or IP ranges that hit the server with a large number of requests[27]
  • CPU Throttling: a set of controls that allow the server administrator to control CPU usage by each application pool in order to optimize performance in a multi-tenant environment[28]

IIS 8.5 has several improvements related to performance in large-scale scenarios, such as those used by commercial hosting providers and Microsoft's own cloud offerings. It also has several added features related to logging and troubleshooting. The new features are:

  • Idle worker-Process page-out: a function to suspend idle site to reduce the memory footprint of idle sites[29]
  • Dynamic Site Activation: a feature that registers listening queues only to sites that have received requests[30]
  • Enhanced Logging: a feature to allow collection of Server variables, request headers and response headers in the IIS logs[31]
  • ETW logging: an ETW provider which allows collecting real-time logs using various Event-tracing tool[32]
  • Automatic Certificate Rebind: a feature that detects when a site certificate has been renewed, and automatically rebinds the site to it[33]

IIS Express

IIS Express, a lightweight (4.5–6.6 MB) version of IIS, is available as a standalone freeware server and may be installed on Windows XP with Service Pack 3 and subsequent versions of Microsoft Windows. IIS 7.5 Express supports only the HTTP and HTTPS protocols. It is portable, stores its configuration on a per-user basis, does not require administrative privileges and attempts to avoid conflicting with existing web servers on the same machine.[34] IIS Express can be downloaded separately[35] or as a part of WebMatrix[36] or Visual Studio 2012 and later.[37] (In Visual Studio 2010 and earlier, web developers developing ASP.NET apps used ASP.NET Development Server, codenamed 'Cassini'.)[38] By default, IIS Express only serves local traffic.[39][37]

Extensions

IIS releases new feature modules between major version releases to add new functionality. The following extensions are available for IIS 7.5:

  • FTP Publishing Service: Lets Web content creators publish content securely to IIS 7 Web servers with SSL-based authentication and data transfer.[40]
  • Administration Pack: Adds administration UI support for management features in IIS 7, including ASP.NET authorization, custom errors, FastCGI configuration, and request filtering.[41]
  • Application Request Routing: Provides a proxy-based routing module that forwards HTTP requests to content servers based on HTTP headers, server variables, and load balance algorithms.[42]
  • Database Manager: Allows easy management of local and remote databases from within IIS Manager.[43]
  • Media Services: Integrates a media delivery platform with IIS to manage and administer delivery of rich media and other Web content.[44]
  • URL Rewrite Module: Provides a rule-based rewriting mechanism for changing request URLs before they are processed by the Web server.[45]
  • WebDAV: Lets Web authors publish content securely to IIS 7 Web servers, and lets Web administrators and hosters manage WebDAV settings using IIS 7 management and configuration tools.[46]
  • Web Deployment Tool: Synchronizes IIS 6.0 and IIS 7 servers, migrates an IIS 6.0 server to IIS 7, and deploys Web applications to an IIS 7 server.[47]

Usage

According to Netcraft, in February 2014, IIS had a 'market share of all sites' of 32.80%, making it the second most popular web server in the world, behind Apache HTTP Server at 38.22%. Netcraft showed a rising trend in market share for IIS, since 2012.[48] On 14 February 2014, however, the W3Techs shows different results. According to W3Techs, IIS is the third most used web server behind Apache HTTP Server (1st place) and Nginx. Furthermore, it shows a consistently falling trend for IIS use since February 2013.[49]

Netcraft data in February 2017 indicates IIS had a 'market share of the top million busiest sites' of 10.19%, making it the third most popular web server in the world, behind Apache at 41.41% and nginx at 28.34%.[50]

Security

IIS 4 and IIS 5 were affected by the CA-2001-13 security vulnerability which led to the infamous Code Red attack;[51][52] however, both versions 6.0 and 7.0 have no reported issues with this specific vulnerability.[53] In IIS 6.0 Microsoft opted to change the behaviour of pre-installed ISAPI handlers,[54] many of which were culprits in the vulnerabilities of 4.0 and 5.0, thus reducing the attack surface of IIS.[52] In addition, IIS 6.0 added a feature called 'Web Service Extensions' that prevents IIS from launching any program without explicit permission by an administrator.

By default IIS 5.1 and earlier run websites in a single process running the context of the System account,[55] a Windows account with administrative rights. Under 6.0 all request handling processes run in the context of the Network Service account, which has significantly fewer privileges, so that should there be a vulnerability in a feature or in custom code it won't necessarily compromise the entire system given the sandboxed environment these worker processes run in.[56] IIS 6.0 also contained a new kernel HTTP stack (http.sys) with a stricter HTTP request parser and response cache for both static and dynamic content.[57]

According to Secunia, as of June 2011, IIS 7 had a total of six resolved vulnerabilities while[53] IIS 6 had a total of eleven vulnerabilities, out of which one was still unpatched. The unpatched security advisory has a severity rating of 2 out of 5.[53]

In June 2007, a Google study of 80 million domains concluded that while the IIS market share was 23% at the time, IIS servers hosted 49% of the world's malware, the same as Apache servers whose market share was 66%. The study also observed the geographical location of these dirty servers and suggested that the cause of this could be the use of unlicensed copies of Windows that could not obtain security updates from Microsoft.[58] In a blog post on 28 April 2009, Microsoft noted that it supplies security updates to everyone without genuine verification.[59][60]

The 2013 mass surveillance disclosures made it more widely known that IIS is particularly bad in supporting perfect forward secrecy (PFS), especially when used in conjunction with Internet Explorer. Possessing one of the long term asymmetric secret keys used to establish a HTTPS session should not make it easier to derive the short term session key to then decrypt the conversation, even at a later time. Diffie–Hellman key exchange (DHE) and elliptic curve Diffie–Hellman key exchange (ECDHE) are in 2013 the only ones known to have that property. Only 30% of Firefox, Opera, and Chromium Browser sessions use it, and nearly 0% of Apple's Safari and Microsoft Internet Explorer sessions.[61]

See also

References

  1. ^Lextrait, Vincent (February 2010). 'The Programming Languages Beacon, v10.0'. Archived from the original on 30 May 2012. Retrieved 12 February 2010.
  2. ^'Running IIS 6.0 as an Application Server (IIS 6.0)'. TechNet. Microsoft. Archived from the original on 21 September 2013. Retrieved 14 December 2012.
  3. ^'Windows NT Internet Servers'. Microsoft. 10 July 2002. Archived from the original on 19 September 2008. Retrieved 26 May 2008.
  4. ^Kramer, Dave (24 December 1999). 'A Brief History of Microsoft on the Web'. Microsoft. Archived from the original on 14 May 2008. Retrieved 26 May 2008.
  5. ^'Microsoft ASP.NET 2.0 Next Stop on Microsoft Web Development Roadmap'.
  6. ^'Chapter 1 - Overview of Internet Information Services 5.0'. Retrieved 25 October 2010.
  7. ^'Chapter 2 - Managing the Migration Process'. Retrieved 27 June 2012.
  8. ^'What's New In IIS 6.0?'. Retrieved 25 November 2010.
  9. ^'IIS 7.0: Explore The Web Server For Windows Vista and Beyond'. Retrieved 25 November 2010.
  10. ^'What's New in Web Server (IIS) Role in Windows 2008 R2'. Retrieved 25 November 2010.
  11. ^Mike Bishop; David So (11 September 2015). 'HTTP/2 on IIS'. Microsoft.
  12. ^Sourabh Shirhatti. 'New Features Introduced in IIS 10.0'. Microsoft.
  13. ^Sourabh Shirhatti; Richard Lang. 'New Features Introduced in IIS 10.0 Version 1709'. Microsoft.
  14. ^Sourabh Shirhatti. 'New Features Introduced in IIS 10.0, version 1809'. Microsoft.
  15. ^'Netscape goes to jail, does not collect $200'. InfoWorld. Archived from the original on 23 December 2008. Retrieved 12 April 2014.
  16. ^'Differences Between NT Server and Workstation Are Minimal'. O'Reilly Media. Archived from the original on 16 March 2016. Retrieved 7 July 2018.
  17. ^'Authentication Methods Supported in IIS 6.0 (IIS 6.0)'. IIS 6.0 Documentation. Microsoft. Archived from the original on 2 November 2012. Retrieved 13 July 2011.
  18. ^ ab'Changes Between IIS 6.0 and IIS 7 Security'. iis.net. Microsoft. 7 February 2010. Retrieved 13 July 2011.
  19. ^Templin, Reagan (11 August 2010). 'Introduction to IIS 7 Architecture'. iis.net. Microsoft. IIS 7 Modules. Retrieved 16 July 2011.
  20. ^'Available Web Server (IIS) Role Services in IIS 7.5'. Microsoft TechNet. Microsoft. Retrieved 13 July 2011.
  21. ^ abEagan, Shaun (29 February 2012). 'IIS 8.0 Application Initialization'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  22. ^Yoo, Won (29 February 2012). 'IIS 8.0 ASP.NET configuration management'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  23. ^Eagan, Shaun (29 February 2012). 'IIS 8.0 Centralized SSL certificate support'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  24. ^McMurray, Robert (29 February 2012). 'IIS 8.0 Multicore Scaling on NUMA Hardware'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  25. ^'IIS 8.0 WebSocket protocol support'. IIS Blog. Microsoft. 28 November 2012. Retrieved 19 September 2013.
  26. ^Eagan, Shaun (29 February 2012). 'IIS 8.0 Server Name Indication'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  27. ^McMurray, Robert (29 February 2012). 'IIS 8.0 Dynamic IP Address Restrictions'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  28. ^Eagan, Shaun (29 February 2012). 'IIS 8.0 CPU Throttling'. IIS Blog. Microsoft. Retrieved 19 September 2013.
  29. ^Benari, Erez (26 June 2013). 'Idle Worker-process Page Out'. IIS Blog. Microsoft. Retrieved 18 September 2013.
  30. ^Benari, Erez (3 July 2013). 'Dynamic Site Activation'. IIS Blog. Microsoft. Retrieved 18 September 2013.
  31. ^Benari, Erez (10 July 2013). 'Enhanced Logging'. IIS Blog. Microsoft. Retrieved 18 September 2013.
  32. ^Benari, Erez (15 July 2013). 'ETW Logging'. IIS Blog. Microsoft. Retrieved 18 September 2013.
  33. ^Benari, Erez (3 September 2013). 'Automatic Certificate rebind'. IIS Blog. Microsoft. Retrieved 18 September 2013.
  34. ^'IIS Express FAQ'. iis.net. Microsoft. 14 January 2011. Retrieved 27 January 2011.
  35. ^'Internet Information Services (IIS) 7.5 Express'. Download Center. Microsoft. 10 January 2011. Retrieved 27 January 2011.
  36. ^'IIS Express Overview'. iis.net. Microsoft. 14 January 2011. Retrieved 27 January 2011.
  37. ^ abHanselman, Scott; Condron, Glen (15 September 2015). '3 Introducing Model View Controller (MVC)'. Introduction to ASP.NET. Microsoft. 0:14:02.
  38. ^Guthrie, Scott (29 June 2010). 'Introducing IIS Express'. ScottGu's Blog. Microsoft.
  39. ^Gopalakrishnan, Vaidy (12 January 2011). 'Handling URL Binding Failures in IIS Express'. iis.net. Microsoft.
  40. ^'FTP Publishing Service'. iis.net. Microsoft. Retrieved 17 July 2011.
  41. ^'Administration Pack'. iis.net. Microsoft. Retrieved 17 July 2011.
  42. ^'Application Request Routing'. iis.net. Microsoft. Retrieved 17 July 2011.
  43. ^'Database Manager'. iis.net. Microsoft. Retrieved 17 July 2011.
  44. ^'IIS Media Services'. iis.net. Microsoft. Retrieved 30 July 2011.
  45. ^'URL Rewrite'. iis.net. Microsoft. Retrieved 17 July 2011.
  46. ^'WebDAV Extension'. iis.net. Microsoft. Retrieved 17 July 2011.
  47. ^'Web Deploy 2.0'. iis.net. Microsoft. Retrieved 17 July 2011.
  48. ^'February 2014 Web Server Survey'. news.netcraft.com. Netcraft. 3 February 2014.
  49. ^'Usage statistics and market share of Microsoft-IIS for websites'. w3techs. Q-Success.
  50. ^'February 2017 Web Server Survey'. news.netcraft.com. Netcraft. 27 February 2017.
  51. ^'CA-2001-13 Buffer Overflow In IIS Indexing Service DLL'. CERT® Advisory. Computer emergency response team. 17 January 2002. Retrieved 1 July 2011.
  52. ^ abHadi, Nahari (2011). Web commerce security: design and development. Krutz, Ronald L. Indianapolis: Wiley Pub. p. 157. ISBN 9781118098899. OCLC757394142.
  53. ^ abc'Vulnerability Report: Microsoft Internet Information Services (IIS) 6'. Secunia. Secunia ApS. Retrieved 1 July 2011.
  54. ^'IIS Installs in a Locked-Down Mode (IIS 6.0)'. Microsoft Developer Network (MSDN). Microsoft. Archived from the original on 30 April 2011. Retrieved 1 July 2011.
  55. ^'How To: Run Applications Not in the Context of the System Account in IIS (Revision 5.1) Microsoft Corporation'. 7 July 2008. Retrieved 20 July 2007.
  56. ^Henrickson, Hethe; Hofmann, Scott R. (2003). 'Chapter 15: ASP.NET Web Services'. IIS 6: the complete reference. New York City: McGraw-Hill Professional. p. 482. ISBN 978-0-07-222495-5. Retrieved 12 July 2011.
  57. ^Henrickson, Hethe; Hofmann, Scott R. (2003). 'Chapter 1: IIS Fundamentals'. IIS 6: the complete reference. New York City: McGraw-Hill Professional. p. 17. ISBN 978-0-07-222495-5. Retrieved 12 July 2011.
  58. ^'Web Server Software and Malware'.
  59. ^'Windows Pirates Encouraged to Install Security Updates'. USA Today. Technology Live. February 2010. Retrieved 18 July 2011.
  60. ^Cooke, Paul (27 April 2009). 'Who Gets Windows Security Updates?'. Windows Security Blog. Microsoft. Retrieved 18 July 2011.
  61. ^SSL: Intercepted today, decrypted tomorrow, Netcraft, 25 June 2013.

External links

  • Official website
  • Security Guidance for IIS on TechNet
ActivePerl

ActivePerl is a distribution of Perl from ActiveState (formerly part of Sophos) for Windows, macOS, Linux, Solaris, AIX and HP-UX.

A few main editions are available, including: Community (free, for development use only), and several paid tiers up to Enterprise that includes support for OEM licensing. It includes a version of the Perl package manager (PPM) for installing packages from CPAN, etc.

The Windows version includes an Active Scripting component for Windows Script Host (WSH) called PerlScript and an ISAPI module for embedding within Internet Information Services (IIS).

Download.ject

In computing, Download.ject (also known as Toofer and Scob) is a malware program for Microsoft Windows servers. When installed on an insecure website running on Microsoft Internet Information Services (IIS), it appends malicious JavaScript to all pages served by the site.

Download.ject was the first noted case in which users of Internet Explorer for Windows could infect their computers with malware (a backdoor and key logger) merely by viewing a web page. It came to prominence during a widespread attack starting June 23, 2004. Infected servers included several financial sites. Security consultants prominently started promoting the use of Opera or Mozilla Firefox instead of IE in the wake of this attack.

Download.ject is not a virus or a worm; it does not spread by itself. The June 23 attack is hypothesised to have been put into place by automatic scanning of servers running IIS.

IIS Metabase

Prior to IIS 7, Microsoft's Internet Information Services stores its information in an internal database called the MetaBase. The metabase is an inheritable, hierarchical database that allows for configuration of HTTP/HTTPS, FTP, SMTP, and NNTP at the server, the site, or the folder or file level. Different versions of IIS use different formats; prior to IIS version 6 this was always a proprietary format, whereas with 6.0 and later the data is stored in XML files. The metabase consists of two files, MetaBase.xml and MBSchema.xml, stored in the %SystemRoot%system32inetsrv directory. The metabase periodically gets backed up to the MetaBack subdirectory.

When Internet Information Service starts, it reads the two metabase files to create an in-memory cache of the web server's configuration, which is referred to as the in-memory metabase. Changes to the IIS configuration via the IIS Manager or programmatic changes get written to the in-memory metabase, then are persisted to the on-disk MetaBase.xml file after a number of changes.Internet Information Services' central metabase is eliminated in IIS version 7 in favor of a set of XML configuration files that are located centrally in the Machine.config and ApplicationHost.config files and within the web site's infrastructure using web.config files. This allows for synchronization of web sites across servers by including all configuration information within the web site's root directory.

Integrated Windows Authentication

Integrated Windows Authentication (IWA)

is a term associated with Microsoft products that refers to the SPNEGO, Kerberos, and NTLMSSP authentication protocols with respect to SSPI functionality introduced with Microsoft Windows 2000 and included with later Windows NT-based operating systems. The term is used more commonly for the automatically authenticated connections between Microsoft Internet Information Services, Internet Explorer, and other Active Directory aware applications.

IWA is also known by several names like HTTP Negotiate authentication, NT Authentication, NTLM Authentication, Domain authentication, Windows Integrated Authentication, Windows NT Challenge/Response authentication, or simply Windows Authentication.

Internet Server Application Programming Interface

The Internet Server Application Programming Interface (ISAPI) is an N-tier API of Internet Information Services (IIS), Microsoft's collection of Windows-based web server services. The most prominent application of IIS and ISAPI is Microsoft's web server.

The ISAPI has also been implemented by Apache's mod_isapi module so that server-side web applications written for Microsoft's IIS can be used with Apache, and other third-party web servers like Zeus Web Server offer ISAPI interfaces.

Microsoft's web server application software is called Internet Information Services, which is made up of a number of 'sub-applications' and is very configurable. ASP.NET is one such slice of IIS, allowing a programmer to write web applications in their choice of programming language (VB.NET, C#, F#) that's supported by the Microsoft .NET CLR. ISAPI is a much lower-level programming system, giving much better performance, at the expense of simplicity.

List of HTTP status codes

This is a list of Hypertext Transfer Protocol (HTTP) response status codes. Status codes are issued by a server in response to a client's request made to the server. It includes codes from IETF Request for Comments (RFCs), other specifications, and some additional codes used in some common applications of the Hypertext Transfer Protocol (HTTP). The first digit of the status code specifies one of five standard classes of responses. The message phrases shown are typical, but any human-readable alternative may be provided. Unless otherwise stated, the status code is part of the HTTP/1.1 standard (RFC 7231).The Internet Assigned Numbers Authority (IANA) maintains the official registry of HTTP status codes.Microsoft Internet Information Services (IIS) sometimes uses additional decimal sub-codes for more specific information, however these sub-codes only appear in the response payload and in documentation, not in the place of an actual HTTP status code.

All HTTP response status codes are separated into five classes (or categories). The first digit of the status code defines the class of response. The last two digits do not have any class or categorization role. There are five values for the first digit:

1xx (Informational): The request was received, continuing process

2xx (Successful): The request was successfully received, understood and accepted

3xx (Redirection): Further action needs to be taken in order to complete the request

4xx (Client Error): The request contains bad syntax or cannot be fulfilled

5xx (Server Error): The server failed to fulfill an apparently valid request

Microsoft BackOffice Server

Microsoft BackOffice Server is a discontinued computer software package featuring Windows NT Server and other Microsoft server products that ran on NT Server. It was marketed during the 1990s and early 2000s for use in branch operations and for small businesses to run their back office operations.

The small business edition of BackOffice Server was released for versions 4.0 and 4.5. In 2000 it was spun off from the 'BackOffice' brand, becoming a variant of Windows Server branded as Windows Small Business Server. BackOffice Server itself was discontinued on October 1, 2001.

Microsoft Management Console

Microsoft Management Console (MMC) is a component of Windows 2000 and its successors that provides system administrators and advanced users an interface for configuring and monitoring the system.

Microsoft Personal Web Server

Microsoft Personal Web Server (PWS) is a scaled-down web server software for Windows operating systems. It has fewer features than Microsoft's Internet Information Services (IIS) and its functions have been superseded by IIS and Visual Studio. Microsoft officially supports PWS on Windows 95, Windows 98, Windows 98 SE, and Windows NT 4.0. Prior to the release of Windows 2000, PWS was available as a free download as well as included on the Windows distribution CDs. PWS 4.0 was the last version and it can be found on the Windows 98 CD and the Windows NT 4.0 Option Pack.

Personal Web Server was originally created by Vermeer Technologies, the same company which created Microsoft FrontPage, before they were acquired by Microsoft. It was installed by FrontPage versions 1.1 to 98 as well.

NT Workstation 4.0 shipped with Peer Web Services, which was based on IIS 2.0 and 3.0. With IIS 4.0, this was renamed Personal Web Server to be consistent with the name used in 95/98.

Since Windows 2000, PWS was renamed the same IIS name used in server versions of Windows as a standard Windows component. Windows ME and Windows XP Home Edition support neither PWS nor IIS, although PWS can be installed on Windows ME. In other editions of Windows XP, IIS is included as standard.

Before Microsoft Visual Studio 2005, PWS was useful in developing web applications on the localhost before deploying to a production web server. The IDE of Visual Studio 2005 (and later versions) now contains a built-in lightweight web server for such development purposes.

FTP, SMTP, HTTP and the usual web languages such as PHP and Perl are supported by PWS. It also supports basic CGI (Common Gateway Interface) conventions and a subset of Classic ASP. Using these technologies, web applications running on PWS are capable of performing and interpreting database queries and results.

Microsoft also produced a version of Personal Web Server for the Macintosh based on code acquired in its acquisition of ResNova Software in November 1996.

Microsoft Virtual Server

Microsoft Virtual Server was a virtualization solution that facilitated the creation of virtual machines on the Windows XP, Windows Vista and Windows Server 2003 operating systems. Originally developed by Connectix, it was acquired by Microsoft prior to release. Virtual PC is Microsoft's related desktop virtualization software package.

Pph

Virtual machines are created and managed through a Web-based interface that relies on Internet Information Services (IIS) or through a Windows client application tool called VMRCplus.

The last version using this name was Microsoft Virtual Server 2005 R2 SP1. New features in R2 SP1 include Linux guest operating system support, Virtual Disk Precompactor, SMP (but not for the guest OS), x64 host operating system support, the ability to mount virtual hard drives on the host machine and additional operating systems support, including Windows Vista. It also provides a Volume Shadow Copy writer that enables live backups of the Guest OS on a Windows Server 2003 or Windows Server 2008 host. A utility to mount VHD images has also been included since SP1. Virtual Machine Additions for Linux are available as a free download. Officially supported Linux guest operating systems include Red Hat Enterprise Linux versions 2.1-5.0, Red Hat Linux 9.0, SUSE Linux and SUSE Linux Enterprise Server versions 9 and 10.Virtual Server has been discontinued and replaced by Hyper-V.

NetShow

NetShow was Microsoft's original framework for Internet network broadcasting, intended to compete with RealNetworks RealMedia & Vivo (acquired in 1998 by RealNetworks). It is now renamed and marketed under the Windows Media umbrella.

NetShow 1.0 came out in 1996. A newer version, 2.0, was included in Windows NT 4.0 SP3 in 1997. Version 3.0 came out mid-1998. The whole product line was renamed Windows Media in October, 1999, four months before Windows 2000 appeared.The NetShow name is still carried on in the user-agent string in current versions of Windows Media Player, which reports as 'NSPlayer'.

Sadmind

The Sadmind worm was a computer worm.

It exploited vulnerabilities in both Sun Microsystems' Solaris (Security Bulletin 00191) and Microsoft's Internet Information Services (MS00-078), for which a patch had been made available seven months earlier. It was discovered on

May 8, 2001.

The worm defaced web servers with a message against the United States government and the anti-Chinese cracking group PoizonBOx.

Solution stack

In computing, a solution stack or software stack is a set of software subsystems or components needed to create a complete platform such that no additional software is needed to support applications. Applications are said to 'run on' or 'run on top of' the resulting platform.

For example, to develop a web application the architect defines the stack as the target operating system, web server, database, and programming language. Another version of a software stack is operating system, middleware, database, and applications. Regularly, the components of a software stack are developed by different developers independently from one another.

Some components/subsystems of an overall system are chosen together often enough that the particular set is referred to by a name representing the whole, rather than by naming the parts. Typically, the name is an acronym representing the individual components.The term 'solution stack' has, historically, occasionally included hardware components as part of a total solution, mixing both the hardware and software in layers of support.

VBScript

VBScript ('Microsoft Visual Basic Scripting Edition') is an Active Scripting language developed by Microsoft that is modeled on Visual Basic. It allows Microsoft Windows system administrators to generate powerful tools for managing computers with error handling, subroutines, and other advanced programming constructs. It can give the user complete control over many aspects of their computing environment.

VBScript uses the Component Object Model to access elements of the environment within which it is running; for example, the FileSystemObject (FSO) is used to create, read, update and delete files. VBScript has been installed by default in every desktop release of Microsoft Windows since Windows 98; in Windows Server since Windows NT 4.0 Option Pack; and optionally with Windows CE (depending on the device it is installed on).

A VBScript script must be executed within a host environment, of which there are several provided with Microsoft Windows, including: Windows Script Host (WSH), Internet Explorer (IE), and Internet Information Services (IIS). Additionally, the VBScript hosting environment is embeddable in other programs, through technologies such as the Microsoft Script Control (msscript.ocx).

WINS

WINS may refer to:

WINS (AM), an all-news radio station in New York City

World Institute for Nuclear Security

Windows Internet Name Service

a web server solution stack built from Windows Server, Internet Information Services, .NET, and SQL Server

Wireless Integrated Network Sensors

SM&A, stock ticker symbol WINS

Off-course betting facilities operated by Japan Racing Association

Web Platform Installer

Web Platform Installer (Web PI) is a freeware, closed-source package management system that installs non-commercial development tools and their dependencies that are part of Microsoft Web Platform, including:

Internet Information Services

WebMatrix

Visual Web Developer Express Edition

Microsoft SQL Server Express Edition

.NET Framework

Patch

Silverlight Tools for Visual Studio

PHP

WordPress

Umbraco

Drupal

Joomla!

Patch

OrchardThe ability to install third-party software was added in version 2.0, released September 24, 2009. As of July 2015, Web PI can install 82 titles. Web PI 2.0's options are populated dynamically at runtime from Microsoft's servers, allowing installation options to be updated without the need to download newer versions of the Web PI itself.On July 7, 2010, Microsoft announced Web PI 3 which includes WebMatrix, a new set of integrated tools for web development. Web PI 3 installs additional tools for web development including IIS Developer Express, SQL Server Compact and DotNetNuke.

Web PI features an offline mode where products can be downloaded to a local cache on a machine where internet access is available and then use these cached files on a different machine later. However, Web PI is still not usable in environments where Internet connectivity and local administrator privileges are mutually exclusive (i.e. a given process can either authenticate through a transparent proxy, or can have High or System integrity level, but not both).

Web hosting control panel

A web hosting control panel is a web-based interface provided by a web hosting service that allows users to manage their servers and hosted services.

Web hosting control panels usually include the following modules:

Web server (e.g. Apache HTTP Server, NGINX, Internet Information Services)

Domain Name System srver

Mail server and spam filter

File Transfer Protocol server

Database

File manager

System monitor

Web log analysis software

Firewall

phpMyAdmin

Windows Activation Services

Windows Process Activation Service (also known as WAS) is the process activation mechanism introduced within Internet Information Services v7.0.

Windows Activation Service builds on the existing Internet Information Services v6.0 but is more powerful because it provides support for other protocols besides HTTP, such as TCP and Named Pipes. Windows Activation Service extends the ASP.NET HTTP hosting concept (ASMX Web Services). As a standalone Windows component, Windows Activation Service is completely separated from the IIS hosting environment and provides a protocol-agnostic activation mechanism not limited to HTTP.

Battlefront 2 Patch Update

Windows Activation Service allows the developers to choose the most appropriate protocol for their needs. For HTTP, data transfer relies on the ASP.NET HTTP. For protocols such as TCP and Named Pipes, Windows Activation Service leverages the extensibility points of ASP.NET for transferring data.

These capabilities are implemented in the form of protocol handlers, which manage communication between the worker process and the Windows service. There are two types of protocol handlers loaded when the WAS activates a worker process instance: Process Protocol Handler (PPH) and App Domain Protocol Handler (ADPH).

Windows Server 2008 R2

Windows Server 2008 R2 is a server operating system produced by Microsoft. It was released to manufacturing on July 22, 2009 and became generally available on October 22, 2009.Enhancements include new functionality for Active Directory, new virtualization and management features, version 7.5 of the Internet Information Services web server and support for up to 256 logical processors. It is built on the same kernel used with the client-oriented Windows 7, and is the first 64-bit–only server operating system released from Microsoft.

Seven editions of Windows Server 2008 R2 were released: Foundation, Standard, Enterprise, Datacenter, Web, HPC Server and Itanium, as well as Windows Storage Server 2008 R2. A home server variant called Windows Home Server 2011 was also released. It was succeeded by Windows Server 2012.

Management
tools
  • Control Panel
  • Windows Update
Apps
Shell
  • Search
Services
File systems
  • NTFS
Server
  • IIS
Architecture
  • Startup process
  • Portable Executable
Security
Compatibility
API
  • Active Scripting
  • COM
Games
Discontinued
Games
Apps
Others
Spun off to
Microsoft Store
People
Founders
Board of directors
  • John W. Thompson (Chairman)
  • Satya Nadella (CEO)
Senior leadership team
  • Satya Nadella (CEO)
  • Amy Hood (CFO)
Corporate VPs
  • Richard Rashid (SVP)
  • S. Somasegar (SVP)
Products
Hardware
  • Surface
Operating systems
Software
  • Office
Web properties
Company
Conferences
Divisions
  • Engineering groups
Estates
Campaigns
  • Where do you want to go today? (1994)
  • Champagne (2002)
  • Mojave Experiment (2006)
  • I'm a PC (2008)
  • Scroogled (2012)
Criticism
  • Windows
Litigation
  • United States v. Microsoft (2001 antitrust case)
Acquisitions

Vermeer 2 Patch Update Pph 3

Open source
Current
  • Sendmail
Discontinued
Proprietary
  • Internet Information Services
Related technologies
Related articles

Destiny 2 Patch Update

Languages

Biker 2% Patch

This page is based on a Wikipedia article written by authors (here).
Text is available under the CC BY-SA 3.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.