Monitoring ISAPI

 

Monitoring ISAPI works for:

 

•Native ISAPI extensions.

 

Native ISAPI

 

If you are working with native ISAPI you must use the NT Service API in your service as well as using the Monitor ISAPI method below.

 

To start monitoring ISAPI:

 

Launch menu IIS menu Monitor IIS and ISAPI... shows the Monitor ISAPI dialog below

 

or use the shortcut

 

   Monitor IIS and ISAPI

 

 

The monitor ISAPI dialog

 

Set the dll to monitor, the web root, the IIS process, an optional web browser to use and an optional url to launch, and click OK.

 

 

 

•ISAPI DLL type or Browse to set the ISAPI DLL that we're monitoring
 

•IIS web type or Browse to set the web root for the IIS website we're working with
 

•IIS process to monitor select the IIS process we're working with
 

•Web Browser select the web browser that you're going to use to load the web page
 

•URL to open in browser type the web page and arguments you want to load to cause the ISAPI to be loaded in IIS

 

•OK resets IIS, setups all the variables, copies DLLs and settings into the web root and starts the web browser to load the specified web page

 

IIS is a protected process and can only execute, read and write files in specific directories. That's why Thread Validator copies data to the web root so that it can be read, written or executed.

 

Data collection

 

Depending on your application, and what you want to validate, you may want to start collecting data as soon as injection has happened, or do it later.

 

If your program has a complex start-up procedure, initialising lots of data, it may be much faster not to collect data until the program has launched.

 

If it's the startup procedure you want to validate, obviously start collecting data immediately.

 

See the section on controlling data collection for how to turn collection on and off after launch.