Hosting Provided By

Re: URL Scan for IIS

From: Bryon Gloden <glodenb(at)certauth.cc.wmich.edu>
Date: Fri Feb 28 2003 - 09:40:52 EST

URL Scan is a must have for IIS.

We installed it about six months ago and are using the default *.ini file. The only annoyance was that we had a lot of html #include files that had a ".." in the path. URL Scan doesn't allow ".." so we had to change from paths. Other than that, it's a good start.

BTW, if you install BlackIce Server Protector, it also stops a few more things from reaching IIS.

cheers,
Bryon

Bryon Gloden
Auxiliary Enterprises
Western Michigan University

phone://269.387.3370
email://glodenb@groupwise.wmich.edu
http://auxe.wmich.edu/

Received on Fri Feb 28 11:50:15 2003

This message: [ Message body ]
Next message: Dave Aitel: "Re: Web Application Source Vulnerability Scanners"
Previous message: Bryon Gloden: "Re: URL Scan for IIS"
Maybe in reply to: securityarchitect(at)hush.com: "URL Scan for IIS"
Next in thread: Skill2die4: "Re: URL Scan for IIS"
Reply: Skill2die4: "Re: URL Scan for IIS"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:49 EDT