Why
Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Why

  1. #1
    Senior Member
    Join Date
    Dec 2002
    Posts
    144

    Why

    Attempted Intrusion "HTTP_IIS_ISAPI_Extension" against your machine was detected and blocked
    Intruder: 203.125.112.192(1069)
    Risk Level: High
    Protocol: TCP
    Attacked IP: x.x.x.x.
    Attacked Port: http(80)

    why is the HTTP_IIS_ISAPI_Extension risk so high?
    BlAcKiE
    GearBlitz

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: Why

    Originally posted here by Penguin
    Attempted Intrusion "HTTP_IIS_ISAPI_Extension" against your machine was detected and blocked
    Intruder: 203.125.112.192(1069)
    Risk Level: High
    Protocol: TCP
    Attacked IP: x.x.x.x.
    Attacked Port: http(80)

    why is the HTTP_IIS_ISAPI_Extension risk so high?
    Because it's remotely exploitable and yields full control over the machine.

  3. #3
    Senior Member
    Join Date
    Dec 2002
    Posts
    144
    i have been getting this warning msg this few days....what program is the offender using and i am using win98...will i be affected in anyway...
    BlAcKiE
    GearBlitz

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    He's not using a program. That's more than likely the Code Red family of worms. It's quite likely that the offender doesn't even know they are infected. And their computer keeps attempting to propogate other machines on the network, thus generating extra traffic and unnecessary traffic. *BLEAH to them*
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    If you run IIS with Frontpage extentions or such that arent upto date or configured badly its a high risk..
    if you run Apache you can have a small laugh
    Missing em ol BBS' days!
    Virtus - Splashgame.org

  6. #6
    Senior Member
    Join Date
    Dec 2002
    Posts
    144
    Originally posted here by Virtus
    If you run IIS with Frontpage extentions or such that arent upto date or configured badly its a high risk..
    if you run Apache you can have a small laugh


    where can i find the detail of this...
    BlAcKiE
    GearBlitz

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    What OS are you running, Penguin?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by Virtus
    If you run IIS with Frontpage extentions or such that arent upto date or configured badly its a high risk..
    if you run Apache you can have a small laugh
    Frontpage extensions aren't even necessary. A default IIS server is enough to get it infected by numerous worms.

    Originally posted here by Penguin
    i have been getting this warning msg this few days....what program is the offender using and i am using win98...will i be affected in anyway...
    As long as you don't run anything like PWS (Personal Web Server, a stripped down version of IIS for personal use) on your win98 you have nothing to fear (at least not from this exploit).

    More details can be found at http://www.microsoft.com/security


  9. #9
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    SirDice , a little off the topic but just wondering... What if you have a router and are running a personal web server on Windows 98Se fully updated?

    The reason I ask is because I have an old Packard Bell that is worth nothing, and I am using it as my web server just pretty much as a joke. My roommate has an 8 port Microsoft router to connect his DSL to his network, and I'm just uplinked off one of his ports to my switch. I havne't noticed any problems yet (I'm running Norton Antivirus 2003 on it), but now you have raised my concern.

    Thanks,
    AciD
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  10. #10
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by AciDriveHB
    SirDice , a little off the topic but just wondering... What if you have a router and are running a personal web server on Windows 98Se fully updated?
    It depends. Is this webserver accessible from the Internet?
    If it is not, you only have to worry about your roommate hacking it.
    If it is accessible from the Internet I suggest treating it as a full blown IIS server. This means securing it and keeping it up-to-date with patches.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •