Tweet
IIS 6 is locked down by default. Parent Paths is a way for a hacker to
navigate to a folder on the web server that has execute permissions, and in
that way execute scripts that you normally shouldn't and wouldn't execute.
If you enable this, make sure that you do not give execute permissions to a
parent folder. To enable Parent Paths, follow these steps:
a.. Click Start->Programs->Administrative Tools->Internet Information
Services
b.. Expand Web Sites and right click the web site you want to enable this
for (i.e Default Web Site), click Properties
c.. Click the Home directory tab and click the Configuration button
d.. Click on the Options tab
e.. Check the box Enable Parent Paths
navigate to a folder on the web server that has execute permissions, and in
that way execute scripts that you normally shouldn't and wouldn't execute.
If you enable this, make sure that you do not give execute permissions to a
parent folder. To enable Parent Paths, follow these steps:
a.. Click Start->Programs->Administrative Tools->Internet Information
Services
b.. Expand Web Sites and right click the web site you want to enable this
for (i.e Default Web Site), click Properties
c.. Click the Home directory tab and click the Configuration button
d.. Click on the Options tab
e.. Check the box Enable Parent Paths
