-
bballad is right.... It's a nice little tool, M$ gives it away fro free.. :cool:, it's easy to use, it logs everything it does and it works.... Why wouldn't you use it? (Unless you are going to say that every time you complicate the environment you make it more vulnerable..... :eek: )
-
bballad, you're absolutely right. I was trying to say that sometimes you don't have to patch, sometimes you can protect your server just by a configuration change (urlscan does this for you but I like to stay in control and do it myself). I never really liked URLScan. It kinda screws up my logs which leaves me in the dark. As for filtering urls we use a reverse proxy for that.
-
Quote:
Originally posted here by bballad
Looks like none of them worked wich is a positive, im guessing that your running IIS 5, do yourself a favor and get URLScan from microsoft it will strip that stuff off of the url before it can hit the server.
not realy , running iis 6 + ...
as i mentioned that it did'nt harm my server , found it in the dropped httperrors log .
but it looked new to me so , u proz let me know wht it is :D
thanks Everyone , Im a newbie ..
im hosting my server using ONLY windows 2003 Firewall , wanna learn the hackers Behaviour , nothing is realy important running on that machine .
thanks again ,
yerz