|
Thread: Why
-
March 20th, 2003, 11:27 AM
#1
Senior Member
Why
Attempted Intrusion "HTTP_IIS_ISAPI_Extension" against your machine was detected and blocked
Intruder: 203.125.112.192(1069)
Risk Level: High
Protocol: TCP
Attacked IP: x.x.x.x.
Attacked Port: http(80)
why is the HTTP_IIS_ISAPI_Extension risk so high?
-
March 20th, 2003, 11:33 AM
#2
Re: Why
Originally posted here by Penguin
Attempted Intrusion "HTTP_IIS_ISAPI_Extension" against your machine was detected and blocked
Intruder: 203.125.112.192(1069)
Risk Level: High
Protocol: TCP
Attacked IP: x.x.x.x.
Attacked Port: http(80)
why is the HTTP_IIS_ISAPI_Extension risk so high?
Because it's remotely exploitable and yields full control over the machine.
-
March 20th, 2003, 11:44 AM
#3
Senior Member
i have been getting this warning msg this few days....what program is the offender using and i am using win98...will i be affected in anyway...
-
March 20th, 2003, 11:51 AM
#4
He's not using a program. That's more than likely the Code Red family of worms. It's quite likely that the offender doesn't even know they are infected. And their computer keeps attempting to propogate other machines on the network, thus generating extra traffic and unnecessary traffic. *BLEAH to them*
-
March 20th, 2003, 11:56 AM
#5
Member
If you run IIS with Frontpage extentions or such that arent upto date or configured badly its a high risk..
if you run Apache you can have a small laugh 
-
March 20th, 2003, 12:04 PM
#6
Senior Member
Originally posted here by Virtus
If you run IIS with Frontpage extentions or such that arent upto date or configured badly its a high risk..
if you run Apache you can have a small laugh
where can i find the detail of this...
-
March 20th, 2003, 12:15 PM
#7
What OS are you running, Penguin?
-
March 20th, 2003, 01:21 PM
#8
Originally posted here by Virtus
If you run IIS with Frontpage extentions or such that arent upto date or configured badly its a high risk..
if you run Apache you can have a small laugh
Frontpage extensions aren't even necessary. A default IIS server is enough to get it infected by numerous worms.
Originally posted here by Penguin
i have been getting this warning msg this few days....what program is the offender using and i am using win98...will i be affected in anyway...
As long as you don't run anything like PWS (Personal Web Server, a stripped down version of IIS for personal use) on your win98 you have nothing to fear (at least not from this exploit).
More details can be found at http://www.microsoft.com/security
-
March 20th, 2003, 04:30 PM
#9
SirDice , a little off the topic but just wondering... What if you have a router and are running a personal web server on Windows 98Se fully updated?
The reason I ask is because I have an old Packard Bell that is worth nothing, and I am using it as my web server just pretty much as a joke. My roommate has an 8 port Microsoft router to connect his DSL to his network, and I'm just uplinked off one of his ports to my switch. I havne't noticed any problems yet (I'm running Norton Antivirus 2003 on it), but now you have raised my concern.
Thanks,
AciD
[shadow]There is no right and wrong, only fun and boring...
Formatting my server because someone hacked into it sounds pretty boring to me...
That\'s why it\'s all about AntiOnline.com![/shadow]
-
March 20th, 2003, 04:39 PM
#10
Originally posted here by AciDriveHB
SirDice , a little off the topic but just wondering... What if you have a router and are running a personal web server on Windows 98Se fully updated?
It depends. Is this webserver accessible from the Internet?
If it is not, you only have to worry about your roommate hacking it.
If it is accessible from the Internet I suggest treating it as a full blown IIS server. This means securing it and keeping it up-to-date with patches.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
