January 2007 - Posts

A brand spanking new download center for IIS users :) You can get all the tools/utilities/free stuff from Microsoft as well as third-party vendors! So what are you waiting for? Go check it out!

For starters - try the LeechGuard module from Mike Volodarsky.

No doubt IIS 7 is the next evolution of Microsoft's web server. It will soon rewrite the history of Internet web servers, and I'm not sure how this chart will look in the near future :) As of today, to experience IIS 7, you can of course get Vista for the client OS, or the complete set of IIS 7 with Longhorn (beta 2). Now, I have been playing with Vista Ultimate RTM for months on a top-of-the-line Dell desktop, yet somehow it is slow and not really stable. The instability could be the drivers for various hardware; the slowness? I haven't got a single clue. It boots slower than my XP laptop, and it has a score of 5.3 in terms of the Windows Experience Index; FYI, 6.0 is the current full score! I plan to rebuild the box... I will do that after the major release to the general public.

Anyway, what's the deal with the missing pieces of UI in Vista IIS 7? Well, I'm not sure of the reason behind it; the timeline or a change freeze could be why you are not seeing certain UI in Vista. So far, I have noticed a few:

a) Http Redirect - where you redirect browser requests. So how do you deal with this? Jon has the answer.

b) Logging UI - UI to configure various logging options, etc. I found this one pretty annoying :) especially if you are like me! I'm clueless about asp.net configuration, and with the tight integration between asp.net and IIS 7, you need to understand how the configuration system works, e.g. config sections, inheritance, locking, etc. I spent a few hours trying to figure out how to do this via appcmd.exe, and in the process killed my IIS 7 :( Anyway, Steve has got some pretty good info for this.

Update: 01/02/2007 Tobin just released the Logging UI add-on @ IIS.Net Download Center!

c) IP Restriction - configuration for IP address or domain name restriction, something that we don't see in the client OS version, but according to this feature-set matrix, the IpRestrictionModule is included. The funny part is that if you try the directory security tab for IIS FTP (managed via the IIS 6 MMC), the restriction option is not enabled - same deal as previous client OSes, where the IP restriction feature is only available for the server OS. Since my IIS 7 is gone, I can't try to configure this via appcmd.exe.

d) Certification Mapping - ha! I actually came across this from Ulad today. This is where you configure client certificate authentication. Ulad developed a script to configure one-to-one cert mapping. To be honest, in many years of using IIS, I have yet to work on one project that required client certs.

That's it. I believe there is more UI that is missing or didn't make it into Vista IIS 7. I'm not sure if Microsoft is going to fix this, but I do hope that somehow, somewhere, an update package will come out soon.


Update: Party!!! Microsoft is going to address this in the Vista SP1 timeframe. Special thanks to Bill Staples for the information.

Posted by qbernard | with no comments

From time to time, many users ask how to configure IIS FTP to prevent brute force or dictionary attacks. The answer is NO, IIS FTP does not help you prevent this natively. If there are only a few known attack IP addresses (check the IIS FTP log file), you can manually block those IP addresses via the IP Address / Domain Name restriction setting. Now, what if you need a smart way to detect the attack and automatically block those IP addresses? Well, I have come across the following scripts that should be able to help you; try:
a) http://blog.netnerds.net/2006/07/ban-administrator-ftp-login-attemps/
b) http://www.codeproject.com/useritems/FTPSecurity.asp

c) Updated link - http://www2.irobx.net:8010/serendipity/index.php?/archives/1-FTP-autoban-script-for-IIS.html
d) http://blog.netnerds.net/2006/07/iis-instantly-ban-ips-attempting-to-login-to-ms-ftp-as-administrator/

Note: I have not tested any of them :) Why? It is not because I don't get attacked; it's because the environment I'm running now is within a VPN connection, plus there's a smart IDS which helps prevent attacks from internal. Next, you may also want to take note that you may eventually end up with thousands of IP addresses in the restriction list. It will sometimes be quite hard to manage, say when you need to remove one or a few of the IP addresses. Also, each time there is a new connection to IIS FTP, IIS will scan through the list before deciding whether or not the connection is 'acceptable', hence there's overhead that consumes server resources. That's why I feel the best way to block the attack is always at the router/firewall level. Make sense?
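
The detection half of the "check the IIS FTP log file" advice above, as an added example (not code from this post or from any of the linked scripts): it counts failed PASS replies (FTP 530) per client IP inside a sliding window. It assumes the log records the `time`, `c-ip`, `cs-method` and `sc-status` fields; the sample log, the threshold and the window are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample; the field layout is an assumption, the parser reads "#Fields:".
SAMPLE_LOG = """\
#Date: 2007-01-10 03:12:00
#Fields: time c-ip cs-method cs-uri-stem sc-status sc-win32-status
03:12:00 203.0.113.7 [1]USER administrator 331 0
03:12:01 203.0.113.7 [1]PASS - 530 1326
03:12:02 203.0.113.7 [2]PASS - 530 1326
03:12:03 203.0.113.7 [3]PASS - 530 1326
03:12:04 198.51.100.20 [4]PASS - 530 1326
03:12:05 203.0.113.7 [5]PASS - 530 1326
03:12:06 203.0.113.7 [6]PASS - 530 1326
03:12:09 198.51.100.20 [7]PASS - 230 0
03:20:00 192.0.2.50 [8]PASS - 530 1326
03:30:00 192.0.2.50 [9]PASS - 530 1326
03:40:00 192.0.2.50 [10]PASS - 530 1326
"""

def failed_logins(lines):
    """Yield (timestamp, client IP) for every PASS answered with FTP reply 530."""
    fields, day = [], "1970-01-01"  # placeholder date if the file has no #Date line
    for line in map(str.strip, lines):
        if line.startswith("#Date:"):
            day = line.split()[1]
        elif line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            parts = line.split()
            if len(parts) != len(fields):
                continue  # malformed row, or data before any #Fields header
            row = dict(zip(fields, parts))
            verb = row.get("cs-method", "").split("]")[-1].upper()  # drop "[session]"
            if verb == "PASS" and row.get("sc-status") == "530":
                ts = datetime.strptime(day + " " + row["time"], "%Y-%m-%d %H:%M:%S")
                yield ts, row["c-ip"]

def offenders(lines, threshold=5, window_s=60):
    """Map each IP to the time it first reached `threshold` failures within `window_s`."""
    recent, flagged = defaultdict(deque), {}
    for ts, ip in failed_logins(lines):
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()  # forget failures that fell out of the window
        if len(q) >= threshold:
            flagged.setdefault(ip, ts)
    return flagged
```

Calling `offenders(SAMPLE_LOG.splitlines())` flags only the address that failed five times within a minute; the slow guesser and the user who mistyped once and then logged in are left alone, which keeps the block list short.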
Posted by qbernard | with no comments

Hello...... a late happy new year of coz! Where have I been? a) busy as usual, b) lazy - and I've got a reason for that, I mean due to a) I'm working hard to get free time for newsgroups and forums; in addition, there's not much to blog... because the folks here have more internal and latest info :) Why? Coz they are the product team! That's why!!! Kekeke... so don't forget to RSS this feed.

Anyway, here are the new KBs for December last year.
929772 Error message when you try to install the ASP.NET feature in IIS 7.0: "An error has occurred"
926361 The Inetinfo.exe process, the Dllhost.exe process, or the W3WP.exe process may close unexpectedly when you exit IIS or when IIS recycles the application pool
922735 You receive an HTTP 404 error message or a "Cannot find server or DNS error" error message when you try to view a Web page that is hosted on a Web server that is running IIS 5.0

Posted by qbernard | with no comments