Microsoft KB Archive/284285

From BetaArchive Wiki

Article ID: 284285

Article Last Modified on 12/3/2007



APPLIES TO

  • Microsoft Internet Information Server 3.0
  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0
  • Microsoft Internet Information Services 5.1
  • Microsoft Internet Information Services 6.0



This article was previously published under Q284285

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

SUMMARY

This step-by-step article describes how to use the WFetch utility (Wfetch.exe) to troubleshoot HTTP connections.

back to the top

Availability

Microsoft Windows XP Professional/Microsoft Windows Server 2003

WFetch 1.3 is included in the Internet Information Server (IIS) 6.0 Resource Kit Tools. To download the IIS 6.0 Resource Kit Tools, visit the following Microsoft Web site:

Microsoft Windows 2000/Microsoft Windows NT 4.0

WFetch 1.2 is available for use with earlier versions of Windows. To download WFetch 1.2, visit the following the following Microsoft Web site:

back to the top

WFetch Features

When you are troubleshooting connectivity issues between Internet Information Server (IIS) or Internet Information Services (IIS) and Web clients, you may want to view data that is not displayed in the Web browser, such as the HTTP headers that are included in the Request and Response packets.

WFetch is a free utility that is provided on an "as-is" basis. Microsoft does not support the utility, but you can use it to provide detailed information about the traffic between the client and server.

Warning This utility provides advanced features that can permit a user to expose a server to potential security risks. For this reason, Microsoft recommends that the utility be used only in testing, and not in a production environment. See the "Security Ramifications" section of this article for more information.

The following features are available in the current version of WFetch:

  • Multiple HTTP verbs (GET, HEAD, PUT, DELETE, TRACE, POST, OPTIONS)
  • Configurable host name
  • Configurable TCP port
  • HTTP 1.0 and HTTP 1.1 support
  • Multiple authentication types (Anonymous, Basic, NTLM, Kerberos, Digest, Negotiate)
  • Client-certificate support
  • Multiple connection types (HTTP, HTTPS, PCT 1.0, SSL 2.0, SSL 3.0, TLS 3.1)
  • Proxy support
  • Advanced requests that are entered manually or read from a file
  • On-screen and file-based logging

WFetch does not log the TCP handshake data that is used to establish and close TCP sessions. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

172983 Explanation of the Three-Way Handshake via TCP/IP


To troubleshoot connectivity issues (including TCP session data), use a utility such as Network Monitor, which captures network packets.

back to the top

Usage

After you extract the utility to a client with TCP/IP access to a Web server, start the Wfetch.exe application and follow these steps:

  1. In the Host box, type the name of a Web site (for example, www.microsoft.com).
  2. In the Path box, select the path of the file, folder, or application on the Web site that you used in step 1 (for example, /default.asp).
  3. Add any additional options based on the test that is being performed.
  4. Click Go.

back to the top

Security Ramifications

  • WFetch permits a user to store a password for later authenticated logon attempts. By default, the Save check box is not selected. When the Save check box is selected, the password that is typed in the Authentication section is written in clear-text format to the system registry in the following key:

    HKEY_CURRENT_USER\Software\Wfetch

    By default, the following accounts have Allow permissions on the Wfetch registry key:

    • Administrators (local): Read, Full Control
    • Restricted: Read
    • System: Read, Full Control
    • <CURRENT_USER>: Read, Full Control
  • To test client certificate support, WFetch can optionally install a test root certificate. Because of this, make sure that this tool not be used on production systems.
  • When you are adding a test root certification authority, WFetch automatically adds the test root certification authority as a trusted root certification authority, which can prevent the warning that typically is displayed when SSL connections are made to sites that use certificates that are issued by certification authorities that are not trusted.

back to the top

REFERENCES

For additional information about the TCP/IP three-way handshake, click the following article number to view the article in the Microsoft Knowledge Base:

172983 Explanation of the Three-Way Handshake via TCP/IP




For additional information about troubleshooting with Network Monitor, click the following article numbers to view the articles in the Microsoft Knowledge Base:

148942 How to Capture Network Traffic with Network Monitor


252876 How to View HTTP Data Frames Using Network Monitor




For additional information about Digital Certificates, Cryptography, and SSL, click the following article number to view the article in the Microsoft Knowledge Base:

195724 Description of Digital Certificates


back to the top


Additional query words: iis 5 iis5 iis 6 iis6 wfetch

Keywords: kbhowto kbhowtomaster kbdownload kbgraphxlinkcritical kbfile KB284285