> Mark Woods wrote: > > > > Every IIS server should be running it, or something similar. > > Why? > It helps prevent a number of security issues with IIS that allowed for the execution of commands outside of the web folder. Of course if you've locked down your box properly in the first place, it shouldn't be an issue, but belt and braces are always good when it comes to security. ;o)
People are still trying to find servers with weaknesses in their URL Security. Some poor fools actually tried these attacks on a Linux/Apache box I'm working on at the minute. (Bit hard to find the C drive when there is no lettered drives.... ;o)) Stephen ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ To unsubscribe, send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
