I would create directories such as "anything.com" which would cause errors.
Funny enough my other named directories such as "anything.ca" was working
fine.
I just attributed this to my custom installation of IIS5 on XP Home.
>From: Damien McKenna <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: CF-Talk <[EMAIL PROTECTED]>
>Subject: Re: IIS considers "blah.com" directories to be executable?
>Date: Mon, 12 Jul 2004 13:43:12 -0400
>
>On Jul 12, 2004, at 10:17 AM, Dave Watts wrote:
> >> We were hacked because of a vulnerability that wasn't patched
> >> until the day _after_ we were hacked. Of course we didn't
> >> discover it for a while...
> >
> > What specific vulnerability was that?
>
>http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
>
>Apache et al are quicker on fixing stuff like that.
>
> > Most IIS vulnerabilities entail services and functionality that can
> > and should be disabled for public web servers.
>
>SSL?
>
> > If configured properly, you can avoid these vulnerabilities even if
> > patches don't exist for them.
>
>Any suggestions on how the above could have been avoided?
>--
>Damien McKenna - Web Developer - [EMAIL PROTECTED]
>The Limu Company - http://www.thelimucompany.com/ - 407-804-1014
>"Nothing endures but change." - Heraclitus
>
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
