CertCities.com -- The Ultimate Site for Certified IT Professionals
 Microsoft: Under the Hood  
Don Jones
 Why You Should Care About IIS 6
IIS 6 may seem similar to 5 on the surface, but it's what's underneath that makes this upgrade so important.
by Don Jones  
10/15/2003 -- Internet Information Services (IIS) 6 is one of Win2003's most-touted new features, but you may be asking yourself, "Who cares?" After all, IIS is IIS is IIS, right? What could Microsoft possibly have added to make it better (or worse)? Heck, even the administrative interface looks almost identical to IIS 5, with the exception of some minor icon changes. Is it really that different? The answer, of course, is "absolutely!" This month I'll try to expose some of what's new under the hood in IIS 6.0.

All-New Architecture
Perhaps the most important under-the-hood feature is IIS' all-new architecture. To really appreciate how improved it is, let’s quickly review how IIS 5 and prior versions were built.

In previous versions of IIS, 100 percent of IIS' code ran in user mode. Windows, as you may know, has two basic memory spaces: user and kernel. Everything in user space is protected from everything else in user space, and most applications execute there. Kernel mode is reserved for the OS itself, device drivers and other low-level components. Kernel mode is very sensitive; in fact, many blue screen crashes come from poorly-written kernel mode software. In short, kernel mode has the ability to take down the entire machine. Of course, the benefit of kernel mode is pure speed: Nothing can access memory and system services as fast as software running in kernel mode.

IIS 5 also ran under a single memory space. This meant that IIS, any IIS filters (such as the filters that make Active Server Pages work), and any user code (such as ASP pages) all shared one memory space. If poorly written code is executed, or a vulnerability is exploited, that entire memory space can be taken down, effectively crashing IIS.

So, in IIS 5, IIS would register with the operating system to receive traffic from ports 80 (HTTP), 443 (HTTPS), 20 and 21 (FTP), and so forth. The OS would hand traffic off to IIS, passing that traffic from the kernel mode TCP/IP driver to the user mode IIS code. IIS would then put the traffic into the correct virtual server, execute ASP code, and do whatever else was necessary.

Those were the old days. With IIS 6, everything changes. To start with, there's a new piece of kernel mode software: Http.sys. This driver, written by Microsoft, is responsible for receiving all IIS-bound TCP/IP traffic from the TCP/IP stack. Running in kernel mode gives the new driver a huge speed advantage, and the fact that only Microsoft-written code is in Http.sys should ideally make it as stable as possible. Http.sys never executes any code, such as ASP code, not written by Microsoft. This means any future exploits found in ASP, ASP.NET, or some other segment of IIS can't be exploited to crash kernel mode.

Http.sys' job is to hand off traffic to the user mode portions of IIS. All user-written code -- ASP, ASP.NET, etc. -- runs in user mode. So now, a poorly-written ASP page won’t necessarily crash the entire IIS server. Because Http.sys is separate and living in kernel mode, it's protected and the server will be able to continue processing traffic.

IIS provides memory segmentation for user mode, too, through the use of application pools. Each application pool (there's one by default, but you can create more) occupies a dedicated memory space. So if one application pool crashes, the others will continue to live, and will receive traffic directly from Http.sys. Each virtual server you create can be assigned to a specific application pool.

For servers running multiple Web sites, you can segregate each Web site so that one crashed site won't affect the other sites. Http.sys will deliver incoming traffic to the proper site (based on destination port, IP address, and host headers). It's a great idea, under IIS 6, to assign each Web site to a separate application pool, provided your server has sufficient memory to support them all. That way, a single crashed site won't affect anything else.

Scalability
Each application pool is served by a single worker process, which can be defined as a single thread of execution, which processes all ASP pages, Web page requests, and whatever else your Web site handles. You can, however, configure an application pool to support multiple worker processes. When you do so, the application pool is referred to as a Web garden.

You probably are familiar with the term Web farm: It's two or more identical Web servers that balance incoming requests across them. To users, the servers appear to be one gigantic server, but to you they're a great way to create scalable Web sites. A Web garden is a similar concept, sort of a "Web farm within a server." When you create multiple worker processes for an application pool, IIS will load balance incoming requests across the available processes. If one process hangs, IIS can kill it automatically and try to restart it, thus keeping Web site performance as high as possible. Because a lot of user code -- like ASP pages -- can contain memory leaks, IIS can also periodically recycle a worker process, ending it and creating a new one to ensure that resource utilization is as efficient as possible.

With Web gardens, a single poorly-performing Web page -- say, a Web page that's executing a large query -- won't necessarily hang the entire Web site, because additional worker processes are available to handle other Web requests in parallel. You can configure all of these worker process options within the application pools you create (open up the IIS 6 MMC and you'll notice a new folder for application pools).

Security
IIS 6 is also supposed to be a brand-new way of thinking about security, and it really delivers on that promise. Prior versions of IIS had the goal of being as functional as possible "out of the box." IIS 6 isn't even installed by default. When you do install IIS 6, the default installation options provide you with an absolutely stripped-down Web server capable only of serving harmless, static HTML pages. If you want to offer ASP, server-side includes, WebDAV, FrontPage, or anything else, you'll need to install each of those options individually from the Add/Remove Windows Components control panel. The theory is that each of those components comes with its own security risks, and that you as the administrator are acknowledging those risks by explicitly installing the components. That's far better than Microsoft just plunking them all down without you even being aware of what's going on!

Http.sys itself also lends some basic security beef to IIS. For example, it conducts a brief examination of all requests, and will reject requests with obvious buffer overflows, malformed packets, and so forth. Http.sys also checks with the file system on each request, and will discard any requests for pages that don't exist. This helps defeat certain types of Denial of Service (DoS) attacks, which request random, nonexistent pages from the Web server. Http.sys can ignore these requests with relatively little effort, rather than passing the request into user mode and forcing IIS to do something about it.

Worth Your While
From an architecture, performance, and security standpoint, IIS 6 contains a lot of new features and designs under the hood. While the MMC might not look very different from prior versions of IIS, what's running on your 2003 servers is a redesigned, rewritten version of IIS that's intended to address most of the security, stability, and performance issues of prior versions. Upgrading from IIS 5 is usually a piece of cake, and IIS 6 even offers a backward-compatible "IIS 5 Process Isolation Mode" that forces IIS 6 to behave more like IIS 5. This setting can help you migrate complex Web sites that rely on IIS 5's specific memory and process management techniques.
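The following audit script is an added example, not code from the column or from Microsoft. It reads the IIS 6 metabase through the ADSI provider and reports the settings discussed above: which application pool each Web site is assigned to (flagging pools shared by several sites), each pool's Web garden and recycling settings, which Web service extensions have been enabled beyond the static-only default, and whether IIS 5 isolation mode is switched on. It assumes Windows Server 2003 with IIS 6, PowerShell 2.0 or later, an elevated session, and the standard IIS 6 metabase property names.

```powershell
# Added example (not from the article): audit IIS 6 isolation settings via the metabase ADSI provider.
# Assumes Windows Server 2003 with IIS 6 and PowerShell 2.0+, run elevated.
function Get-MbProp($entry, $name) { $entry.psbase.Properties[$name].Value }

$w3svc = [ADSI]"IIS://localhost/W3SVC"

# IIS 5 isolation mode collapses everything back into one process, so application
# pool boundaries no longer apply.
if ((Get-MbProp $w3svc "IIs5IsolationModeEnabled") -eq $true) {
    Write-Warning "IIs5IsolationModeEnabled is set: application pools are not in effect."
}

# Map each Web site to its application pool; AppPoolId lives on the site's Root vdir.
$poolUsage = @{}
foreach ($site in $w3svc.psbase.Children) {
    if ($site.psbase.SchemaClassName -ne "IIsWebServer") { continue }
    $id   = $site.psbase.Name
    $root = [ADSI]"IIS://localhost/W3SVC/$id/Root"
    $pool = [string](Get-MbProp $root "AppPoolId")
    $desc = "$(Get-MbProp $site 'ServerComment') (site id $id)"
    if (-not $poolUsage.ContainsKey($pool)) { $poolUsage[$pool] = @() }
    $poolUsage[$pool] += $desc
}

# Report worker-process settings per pool and flag pools shared by several sites,
# since one crashed site then takes the others in that pool down with it.
$pools = [ADSI]"IIS://localhost/W3SVC/AppPools"
foreach ($pool in $pools.psbase.Children) {
    $name  = $pool.psbase.Name
    $procs = Get-MbProp $pool "MaxProcesses"          # > 1 means a Web garden
    $every = Get-MbProp $pool "PeriodicRestartTime"   # recycle interval in minutes (0 = off)
    $memKB = Get-MbProp $pool "PeriodicRestartMemory" # recycle at this much virtual memory, KB (0 = off)
    $ping  = Get-MbProp $pool "PingingEnabled"        # health check that replaces hung workers
    "{0}: workers={1} recycleEveryMin={2} recycleAtKB={3} ping={4}" -f $name, $procs, $every, $memKB, $ping
    if ($poolUsage.ContainsKey($name) -and $poolUsage[$name].Count -gt 1) {
        Write-Warning ("Pool {0} is shared by: {1}" -f $name, ($poolUsage[$name] -join "; "))
    }
}

# Which dynamic handlers are enabled. Each entry reads "allowed,path,deletable,groupId,description";
# a default IIS 6 install leaves every entry at allowed=0, so only static files are served.
foreach ($entry in (Get-MbProp $w3svc "WebSvcExtRestrictionList")) {
    $f = ([string]$entry).Split(",")
    if ($f[0] -ne "1") { continue }
    if ($f.Length -ge 5) { "Enabled extension: $($f[4]) -> $($f[1])" } else { "Enabled extension: $($f[1])" }
}
```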

To me, IIS 6 is one of the "killer apps" that will help drive Win2003 upgrades. Any NT or 2000 Web servers you've got will benefit from a 2003 upgrade. Microsoft even offers Windows Server 2003 Web Edition, which is a stripped-down version of Windows intended primarily as a platform for Web servers. It's a lower-cost version of Windows Server 2003 (the lowest, in fact) and gives you everything that IIS 6 will become famous for.


Don Jones is the owner and operator of ScriptingAnswers.com, a speaker at national technical IT conferences, and the author of nearly twenty books on information technology. His latest book is "Managing Windows with VBScript and WMI" (Addison-Wesley) and he's completing "Windows Administrator's Automation Toolkit" (Microsoft Press). You can reach Don at his Web site or at .
There are 29 CertCities.com user Comments for “Why You Should Care About IIS 6”
Page 3 of 3
11/3/03: yeah right says: sure, you did
11/4/03: Yoda says: Hack your site I may. Easy it would be. Apache if you run, especially. Strong with me is the force. Pepperoni on my pizza if you please. Pass some gas I may...
11/5/03: Nick from Silicon Valley says: Most if not all web servers have security flaws. Some more than others. In Microsoft's case, all IIS versions before 6 tend to default to having things open so it's easier for the newbie to set up. Of course that increases the attack surface for hackers. You have to use extras such as IISLockdown and URLScan to lock it down. It's good MS has changed direction to default to least privilege, but there's still quite a way for them to go to make it more secure; they need to prioritize security higher than convenience. A lot of times, web sites get hacked because they were not updated, or there was likely something the administrator forgot to do to lock them down. Apache (or any web server for that matter) can and will get hacked if the person setting it up doesn't keep it updated and properly locked down...
11/12/03: Peace says: Hacking Apache on a SUN system! Why not? http://www.securityfocus.com/news/493 Seems to be possible. By the way, security patches for Microsoft products are usually available long before the security hole has been exploited.
11/29/03: JokerDoom says: You are all such children in the world of security, it's cute.
12/5/03: Eric Gormly from CT says: This was a great article. Explained a lot in layman's terms that Microsoft neglected. IIS 6 is a fantastic improvement over 5. Thank you for explaining Web gardens and application pools so well.
2/27/04: Kria says: For those of you that state that Apache is un-hackable and the reason IIS gets hacked more often is because it is unstable and full of holes, you need to look at the listed vulnerabilities in each and then look at human behavior. Right now, most of the business world is running on MS products; be it Windows, Office, etc. Now, if you are a hacker, you want to go after targets that will cause the most damage and land your virus or hack the most fame for the bragging rights, or in some cases have some political point to make about how software should be free or some BS. What is a business's largest security hole? Users and administrators that do not know what they are doing. People who use Microsoft tend to be lazy and think that the OS will do everything for them and they will reap the benefits. The fact is, that all OS's have holes; 'nix admins are usually more specialized than NT admins because of the specialized nature of the OS. Hackers go after the MS world because they know that anyone with a home PC thinks they are a network admin and don't know all of the in-depth features of the OS. I am a network admin that runs Linux, Windows and Unix and from experience, all have their flaws and holes, but most end users will try to tell you that they know how to administer a Windows server because they are running Windows Personal Web Server at home or something, not realizing how little they know. However, bring Unix up to most users, and they will just give you a blank look. Don't put the blame on the OS; a computer is realistically only as smart as its user. Instead, try putting the blame where it belongs, on the hackers for hacking and writing viruses or on the ignorant users that favor sleeping at their desks over monitoring their networks. From a personal standpoint, I like all of the OS's I mentioned for one reason or another. All of them have their strengths.
2/27/04: BONK says: Bonk say all OS hackable, i hack many, ill hack many more but not DataOntap to hard, me try and try but cannot do, me thinks it impossible. But nothing safe for long only a matter of time before someone hack it, then i laugh. Kira say right so many holes, to many fat lazy admins to plug them all, i laugh and make them run around like crazy then i stop so they think it fixed but then i start again and laugh harder.
8/8/06: Anonymous says: Saying Apache isn't hackable isn't even worth a response. I seriously hope that anyone who truly believes that is not currently employed in the tech industry. A simple Google search will prove that notion wrong. Hell, don't even do a Google search. Go straight to the source: (from apache.org) http://httpd.apache.org/security_report.html