issue with custom 404 page creating false-positives during security scan
Results 1 to 4 of 4

Thread: issue with custom 404 page creating false-positives during security scan

  1. #1
    Senior Member
    Join Date
    Jul 2002
    Posts
    106

    Question issue with custom 404 page creating false-positives during security scan

    hey all,

    my web guys created a custom 404 page for a client and it works just fine. i am having issues though, when i run my security scanner on the site, i get a lot of false-positives(58 to be exact). if i remove the custom error page and replace it with the original, these false exploits do not show up. the custom 404 page is just static html, nothing to fancy, so i'm not sure if it's their code or my scanner??? i did try adding a 404 string in the custom 404 page, but the scanner still got the same false-positives.

    i am trying to get this custom 404 page to not show these false-positives, so if anyone could shed some light on this for me i would appreciate it.


    btw
    web server used: iis 5.0
    security scanner used: http://www.gfi.com/lannetscan/index.htm
    just making some minor adjustments to your system....

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    What does your Scanner think it's finding? Does it give you any indication as to what is wrong with the page? Can you post an attachment of what your Scanner is reporting?

    Cheers:
    DjM

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    106
    well, it thinks that it is finding a bunch of cgi abuses. it shows exploits for stuff that we are not even using, stuff like cold fusion, which we have never used. like i mentioned, if i place the default 404 page back where it is supposed to be and remove the custom 404 page, none of these exploits show up. which makes me think that my web guys either don't want to fix it or don't know how. course i may be wrong???

    1 - informational item found
    58 - cgi abuses found

    i'm attaching a sterilized scan report:
    just making some minor adjustments to your system....

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Well, that's just plain strange. I think I am going to have to defer to some of the Web Techies. here. I don't know if you can (or will), but posting a copy of the source (sterilized of course) for the custom page may help the Web people debug your problem.

    Cheers:
    DjM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •