> Also, by partioning the web server off you prevent traversal attacks to
> youre server ie
>
http://address.of.iis5.system/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+d
> ir+c:\
I would argue that this is not a good way to go about securing your Web
Server. Permissions should be set appropriately to prevent unauthorized
access to system files, regardless of whether or not they come from a
traversal attack or some other method.
Benjamin S. Rogers
Web Developer, c4.net
Voice: (508) 240-0051
Fax: (508) 240-0057
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
