IIS Protocol Listeners


A protocol listener is a software routine that listens on a predefined communication channel (and port) and passes transmitted data, called messages, between the participating server service and the communicating client. IIS 7 includes five default protocol listeners (Http.sys, Net.Tcp, Net.Pipe, Net.P2P, and Net.Msmq), and additional custom listeners can be created and used. IIS 6 had only one, Http.sys. The new protocol listeners support Microsoft's Windows Communication Foundation (WCF) web services. With the exception of Http.sys, the listeners require the .NET Framework and the Windows Process Activation Service (WAS), which runs in the same Svchost process as the WWW service. WAS can also activate protocol listeners on its own, so a WCF service can be hosted through WAS without IIS.

Http.sys runs in kernel mode, directly interacting with the operating system; the WCF listeners run as user-mode Windows services that hand activation requests to WAS. Microsoft has tested each protocol listener for buffer overflows and other common security mistakes. Although finding every security vulnerability is almost impossible, Microsoft successfully defended IIS 6's Http.sys against every attacker for over four years, so the new listeners have a strong example to follow. Protocol listeners are registered in the XML configuration file ApplicationHost.config (the listenerAdapters section) and enabled per site or application through the enabledProtocols attribute. To minimize the attack surface, activate only the protocol listeners that are actually needed and leave the corresponding listener adapter services disabled for the rest. The following sections summarize each protocol listener.

HTTP.SYS

When IIS 7 is installed and active, the Http.sys kernel-mode driver is installed as the default HTTP protocol stack listener; it receives incoming HTTP requests, serves cached responses where it can, and routes the rest to the right worker process. It also provides caching, logging, quality of service, and bandwidth throttling for the web server. Every active Web site registers its URL namespace with the HTTP protocol stack. Http.sys includes built-in support for HTTPS (SSL and TLS) instead of requiring the separate HTTP SSL service that IIS 6 used.

Net.TCP

Net.Tcp is a protocol listener built on a new feature called Net.TCP Port Sharing, a part of the Windows Communication Foundation (WCF). Like Http.sys, it allows multiple applications to share a single TCP network port. Http.sys handles only HTTP, whereas Net.Tcp can carry any application protocol over any TCP port, for any application. Not enabled by default, the Net.Tcp Port Sharing service accepts inbound connections using the net.tcp protocol and forwards them to their destination application. URLs using Net.Tcp look something like net.tcp://x.x.x.x/default.aspx and always use TCP. The Net.Tcp Port Sharing Service must be started for this protocol listener to work, and the Net.Tcp Listener Adapter service must be running for the Net.Tcp listener to forward activation requests to WAS.

Net.Pipe

The Net.Pipe protocol listener relies upon the Named Pipes protocol, which has long been a part of Microsoft Windows. The best short explanation of Named Pipes is that it is a file-sharing-style communication protocol for applications, much as NetBIOS/SMB is for users. Behind the scenes, many Windows applications use Named Pipes to communicate between different processes. Now Named Pipes can be used to interact with IIS and WAS, although the Net.Pipe listener is limited to local inter-process communication and does not accept connections from other machines. The URL moniker for the Net.Pipe protocol listener is net.pipe://. The Net.Pipe Listener Adapter service must be running in order to use Net.Pipe services.

Net.P2P

Peer-to-Peer (P2P) services were originally added in Windows XP Pro SP1 and carried into later Windows operating systems. Windows Vista adds new native P2P services and networking transports. Clients reach the Net.P2P protocol listener through its URL moniker, net.p2p:// (for more information, see http://www.msdn2.microsoft.com/en-gb/library/system.servicemodel.netpeertcpbinding.scheme.aspx).

Net.MSMQ

The Net.MSMQ protocol listener is useful for advanced applications that require message queuing. Microsoft Windows includes a robust message queuing service (MSMQ), which helps triage large amounts of incoming data and ensures the completeness of complex transactions. Developers can also create their own custom message queuing protocol listeners; custom MSMQ protocol listeners are normally named msmq.<customname>. The URL moniker for the Net.Msmq protocol listener is net.msmq://. The Net.Msmq Listener Adapter service must be started in order for the Net.MSMQ protocol listener, or any custom msmq listener, to pass traffic to WAS.
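The advice above (enable only the listeners that are needed) and the per-listener service dependencies in the preceding sections can be checked mechanically. The following PowerShell script is an added example, not code from the book: it parses an applicationHost.config, compares the registered listenerAdapters against the protocols that sites and applications actually enable, and lists the Windows service each listener depends on. The XML fragment is constructed for the demo, and the service names and the protocol-to-service mapping are assumed to be the standard WCF listener adapter services.

```powershell
# Added example (not from the book). Audits WAS protocol listeners against the
# protocols the hosted applications actually enable.
# The applicationHost.config fragment below is constructed for this demo.
$sampleConfig = @'
<configuration>
  <system.applicationHost>
    <listenerAdapters>
      <add name="http" />
      <add name="net.tcp" />
      <add name="net.pipe" />
      <add name="net.msmq" />
      <add name="msmq.formatname" />
    </listenerAdapters>
    <sites>
      <site name="Default Web Site" id="1">
        <bindings>
          <binding protocol="http" bindingInformation="*:80:" />
          <binding protocol="net.tcp" bindingInformation="808:*" />
          <binding protocol="net.pipe" bindingInformation="*" />
          <binding protocol="net.msmq" bindingInformation="localhost" />
        </bindings>
        <application path="/" enabledProtocols="http" />
        <application path="/Orders" enabledProtocols="http,net.tcp" />
      </site>
    </sites>
  </system.applicationHost>
</configuration>
'@

# Services each WAS listener depends on (assumed standard WCF service names).
# Http.sys is a kernel driver and needs no listener adapter service.
$ListenerServices = @{
  'http'            = @()
  'net.tcp'         = @('NetTcpPortSharing', 'NetTcpActivator')
  'net.pipe'        = @('NetPipeActivator')
  'net.msmq'        = @('NetMsmqActivator')
  'msmq.formatname' = @('NetMsmqActivator')
}

function Get-ListenerAudit {
  param([xml]$Config)
  $ah = $Config.configuration.'system.applicationHost'
  # Listeners registered with WAS.
  $registered = @($ah.listenerAdapters.add | ForEach-Object { $_.name.ToLower() })
  # Protocols some application actually enables (IIS defaults to "http" when
  # enabledProtocols is absent).
  $enabled = @{}
  foreach ($site in $ah.sites.site) {
    foreach ($app in $site.application) {
      $protos = if ($app.enabledProtocols) { $app.enabledProtocols } else { 'http' }
      foreach ($p in $protos -split ',') { $enabled[$p.Trim().ToLower()] = $true }
    }
  }
  foreach ($name in $registered) {
    $used = $enabled.ContainsKey($name)
    [pscustomobject]@{
      Listener         = $name
      UsedByAnApp      = $used
      RequiredServices = ($ListenerServices[$name] -join ', ')
      Recommendation   = if ($used) { 'keep' } else { 'remove adapter / disable its services' }
    }
  }
}

Get-ListenerAudit -Config ([xml]$sampleConfig) | Format-Table -AutoSize

# On a real IIS 7 host, run the same audit against the live configuration and
# then confirm the service state for the listeners you decide to keep:
# $live = [xml](Get-Content "$env:windir\System32\inetsrv\config\applicationHost.config")
# Get-ListenerAudit -Config $live
# Get-Service NetTcpPortSharing, NetTcpActivator, NetPipeActivator, NetMsmqActivator -ErrorAction SilentlyContinue
```

In the constructed sample, http and net.tcp are kept because /Orders enables net.tcp, while net.pipe, net.msmq and msmq.formatname are registered (and two of them even have site bindings) without any application enabling them, so their adapters and services are pure attack surface. Note that a site binding alone does not make a protocol reachable by an application; the enabledProtocols attribute does, which is why the audit keys off that attribute rather than the bindings.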



Windows Vista Security. Securing Vista Against Malicious Attacks
ISBN: 470101555
EAN: N/A
Year: 2004
Pages: 163
