One of the most anticipated features for IIS is now available. Yesterday the first preview of the URL re-write module for IIS 7 was launched. It is free for all IIS7 users and available for download x86 and x64.

So what does it do exactly?
The URL Rewrite Module provides a rule-based rewriting mechanism for changing request URL’s before they get processed by IIS. The module supports regular expression based URL rewriting logic or a simpler wildcard-based URL rewriting logic. Rewriting decisions can be based on the URL, HTTP headers and server variables. While the primary purpose of the module is to rewrite URLs, it also has functionality to perform redirects, send custom responses and abort requests based on the logic expressed in the rewrite rules.

Here is a quick feature overview:

• Rules-based URL rewriting engine. Rules are used to compare/match the request URL with and what to do if comparison was successful.
  • Regular expression pattern matching. Rewrite rules can use ECMA-262 compatible regular expression syntax for pattern matching.
  • Wildcard pattern matching. Rewrite rules can use Wildcard syntax for pattern matching
• Back-references to patterns and conditions. Back-references are used to capture parts of a matched URL so that it can be re-used later in a rule when constructing a substitution URL string. Back-references are available with regular expression and wildcards patterns.
• Global and distributed rewrite rules. Global rules are used to define server-wide URL rewriting logic. Global rules cannot be overridden or disabled by lower configuration levels. Distributed rules are used to define URL rewriting logic specific to a particular configuration scope, e.g. an web application.
• Access to server variables and http headers. Server variables and HTTP headers provide additional information about current HTTP request. This information can be used to make rewriting decisions or to compose the output URL.
• Various rule actions. Instead of rewriting a URL, a rule may perform other actions, such as issue an HTTP redirect, abort the request, or send a custom status code to HTTP client.
• Rewrite maps. Rewrite map is an arbitrary collection of name-value pairs that can be used within rewrite rules to generate the substitution URL during rewriting. Rewrite maps are particularly useful when you have a large set of rewrite rules, all of which use static strings (i.e. there is no pattern matching used). In those cases, instead of defining a large set of simple rewrite rules, you can put all the mappings between input URL and substitution URL as keys and values into the rewrite map, and then have one rewrite rule which references this rewrite map to look up substitution URL based on the input URL.
• UI for managing rewrite rules. Rewrite rules can be added, removed and edited by using “URL Rewrite Module” feature in IIS Manager.
• GUI tool for importing of mod_rewrite rules. URL rewrite module includes a GUI tool for converting rewrite rules from mod_rewrite format into IIS format.

Install the URL Rewrite Module today!

Microsoft URL Rewrite Module for IIS 7.0 CTP1 (x86)

Microsoft URL Rewrite Module for IIS 7.0 CTP1 (x64)

Sourced from : Bill & Thomas’s IIS blog’s 

Yep…It’s still going-and its worse than ever it seems. Hundreds of thousands of unsuspecting people are stillstumbling across perfectly legitimate websites that have been compromised by an SQL injection, and as a result are infected with a nastyTrojan.
These types of Trojans are known for changing an affected system’s local DNS and Internet browser settings, thus making the system vulnerable for even more potential threats. (Trend Micro have written a very good post explaining what happens once infected)

Therefore I thought I would take some time to mention a dew domains (courtesy of f-secure) admins should block to avoid any possible chance of infection:

yl18.net

www.bluell.cn

www.kisswow.com.cn

www.ririwow.cn

winzipices.cn

www.wowgm1.cn

www.killwow1.cn

www.wowyeye.cn

vb008.cn

9i5t.cn

computershello.cn

This is a good time to again mention that this not a vulnerability in Microsoft IIS or Microsoft SQL that is used to make this happen. If you are an administrator of a website that is using ASP/ASP.NET, you should make sure that you sanitize all inputs before you allow it to access the database.

There are many articles on how to do this such as this one. You could also have a look at URLScanwhich provides an easy way to filter this particular attack based on the length of the QueryString.

Hi All,

For those of you looking for a list certified hardware for Windows Server 2008 (x64), here’s the current and growing list:

All Hardware Items: http://www.windowsservercatalog.com/results.aspx?&bCatID=1283&cpID=0&avc=11&ava=23&avq=0&OR=1&PGS=25&ready=0

For details:

Product category

Storage (371)
Networking (102)
Servers (102)
Other Hardware (26)
Printers (20)
Bus Controllers and Ports (13)
Cameras and Video (5)
Scanners (2)
Input Devices (1)
Sound (1)

If you would like per Vendors:

Vendor

Intel Corporation (97)
Hewlett-Packard Company (82)
Dell Inc. (64)
NetApp (63)
HITACHI, Ltd. (30)
Fujitsu Siemens Computers (28)
QLogic Corporation (26)
EMC Corporation (21)
IBM (13)
Pioneer Corporation (13)

More…

Sourced from Nick MacKechnie’s MSDN blog

HEROES Happen {HERE}

Microsoft have just posted the resources from the Windows Server, SQL Server & Visual Studio Heroes happen {Here}  launch. Check them out they are very informative indeed!

Catergorys include:

• Session 1 | What’s New in Windows Server 2008
• Session 2 | Virtualization and Your Infrastructure
• Session 3 | Securing Your IT Infrastructure with Windows Server 2008
• Session 4 | Exploring Windows Server 2008 Web and Application Technologies

Find the links to the slides here: http://www.technetbriefings.com/2008-launch-resources.aspx

After investigating public reports, Microsoft has published Microsoft Security Advisory 951306, which describes a vulnerability that affects multiple versions of Windows (including Windows XP Professional Service Pack 2, all supported versions and editions of Windows Server 2003, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.)

The newly found security flaw could potentially allow a malicious local user (who has authentication) to execute specially crafted code to raise his privilege level to LocalSystem. IIS and SQL Server are the main attack vectors. But other vectors are possible, such as Microsoft Distributed Transaction Coordinator (MSDTC) on Windows Server 2003.

The vulnerability looks like it basically allows for any process that has the SeImpersonatePrivilege to execute some code and be able to impersonate LocalSystem (which has the NT AUTHORITY\SYSTEM SID and a wealth of privileges in its token). For Windows 2003 and beyond the users awarded that privilege are in the Network Services, Local Services, Local System, and Administrators groups. On Vista/Server 2008 you additionally won’t have the privilege unless you’ve elevated. That fortunately reduces the scope of this otherwise highly serious vulnerability, though it still isn’t pretty.

It must be noted however  Microsoft stated in its advisory that- “Hosting providers may be at increased risk from this elevation of privilege vulnerability.” However, no exploitation has been observed at this time.
Microsoft Security Advisory 951306

If you are a Microsoft Certified Systems Administrator (MCSA) or a Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003, you can now transfer your skills to achieve multiple Microsoft Certified Technology Specialist (MCTS) certifications or Microsoft Certified IT Professional (MCITP) credentials on Windows Server 2008.

For the first time, the transition path is available before the product release. If you have a Windows Server 2008 certification on your resumé, you have an excellent opportunity to catch the eye of early adopter organizations. Microsoft Learning developed this transition path to recognize the investment and expertise you have demonstrated throughout your certification history—don’t miss your chance to take advantage of these new certifications.

Your path consists of one exam, which allows you to earn multiple Microsoft Certified Technology Specialist (MCTS) certifications on Windows Server 2008.
-First step: Take one exam to earn MCTS certification on Windows Server 2008

From there, you can complete the remaining requirements for one or both of the Microsoft Certified IT Professional (MCITP) certifications for Windows Server 2008.
-Your transition path from MCSA on Windows Server 2003 to MCITP 
-Your transition path from MCSE on Windows Server 2003 to MCITP

Because there is a significant technology gap between Windows 2000 Server and Windows Server 2008, only IT professionals with specific Microsoft Certifications on Windows Server 2003 can utilize these transition or upgrade paths. In addition, there is no upgrade path from messaging or security specializations to Windows Server 2008 certifications.

 Check out all the details here:
Thanks Microsoft