Pantek Library

[Fwd: Re: URL Scan for IIS]

From: Mark Curphey <mark(at)curphey.com>
Date: Sun Feb 23 2003 - 23:47:36 EST


Some posts seem to be getting dropped (or getting queued weirdly)... I logged it with securityfocus... if your post doesn't get through within 24 hours please resubmit it and CC me. Thanks.

attached mail follows:


It's highly effective against URL and Header overflows - of which the most recent is probably the ColdFusion/JRun overflow.

It's not effective at all at many overflows that Microsoft says it is effective at preventing - the ones that occur in the body arguments. Some examples include the MSADC overflow, and the Microsoft Content Server authentication overflow.

I'll be doing a more specific demo of one of those next week at BlackHat in Seattle. Stop on by. :>

Dave Aitel
Immunity, Inc.
http://www.immunitysec.com/CANVAS/

On Sat, 22 Feb 2003 20:55:19 -0800
securityarchitect@hush.com wrote:

>
> I just took a look at URL Scan and wondered if anyone has any comments
> as to its effectiveness?
>
> Also, does anyone have a decent urlscan ini file of additional strings
> they are filtering that they would share for education?
>
>
>
Received on Sun Feb 23 23:48:00 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:49 EDT

