Trend Micro ServerProtect Password Reset


layout: post
title: Trend Micro ServerProtect Password Reset
date: 2021-09-15 15:02 +8
description: Password reset method
toc: false
share: true
comments: true
tags: Windows TrendMicro AntiVirus

Note

This article describes the password reset method for ServerProtect running on the Windows platform. Please read the following content carefully and check if it meets your needs.

Solution

  1. Open the regedit registry editor.
    If the OS is 64-bit, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ServerProtect\CurrentVersion\Agent.
    If the OS is 32-bit, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ServerProtect\CurrentVersion\Agent.
  2. Delete the value of AgentPassword.
  3. The password will be reset to the default password: VPROTECT.

Thoughts

This password system is too fragile!
Doesn't this mean anyone can easily bypass the password verification?

References

Windows IIS 8 Website Unexpected 403.3 Authentication Error


layout: post
title: Mysterious 403.3 Authentication Error on Windows IIS 8 Website
date: 2021-09-15 11:49 +8
description: Adjusting folder permissions on Windows.
toc: false
share: true
comments: true
tags: IIS Windows

Note

This article provides a solution for Windows IIS 8 and later versions.

Problem Check

  1. Create a new website and create a simple helloWorld.html file. If it's in a subdirectory, remember to convert it to a "Web Application."
  2. Grant the folder permissions to "Everyone" with "Full Control."
  3. If this solves the problem, then it is confirmed to be a permissions issue.

Main Solution

  1. In wwwroot or the root directory of the website, grant the IIS_IUSRS group Read and Write permissions.
  2. Execute the command iisreset /restart to restart IIS and apply the new permission settings.
  3. On a different computer, browse the newly configured website to check if it displays correctly. If not, proceed with the alternative solution below.

Alternative Solution

  1. In wwwroot or the root directory of the website, grant the IIS AppPool\MyApplicationPoolName group Read and Write permissions.
    ※Here, MyApplicationPoolName should be the name of the website's application pool.
  2. Switch to Internet Information Services (IIS) Manager and select the website.
  3. In the right panel, under the IIS section, click "Authentication."
  4. Under "Authentication," ensure that "Anonymous Authentication" is "Enabled."
  5. Right-click on it and select "Edit...".
  6. The default option should be "Specific user": "IUsr." Switch it to the second option, "Application pool identity."
  7. Execute the command iisreset /restart to restart IIS and apply the new permission settings.
  8. On a different computer, browse the newly configured website to check if it displays correctly. At this point, my issue was resolved.

References