Ars Technica

IIS authentication question

A web site that a client has to use has a "secure" area. The web site they log into is running IIS and has a password pop up. It's running that weird domain integrated authentication so nothing other ...
Dark Reading

Zero-Day IIS Vuln Bypasses Authentication

Windows sysadmins responsible for servers running Microsoft Internet Information Services (IIS) received an unexpected surprise last Friday afternoon--or first thing this morning--in the form of a ...
Ars Technica

IIS, windows authentication, load balancers and SSL

Our minor departmental ASP.NET app works great in DEV on a web server without SSL. It relies on getting the User's Windows identity from HttpContext.Current.User.Identity.Name<BR><BR>When we move the ...