Agreed, but only if you are not using the index server, or have no .ida
files in your sites. Your best bet is to get the Patch from microsoft (if
you haven't already). If you are only seeing the request in your log files,
then you are probably seeing the Code Red Worm trying to get at your server.
If it does get in, you'll find IIS will stop responding to page requests
after a while.
Shawn Grover
-----Original Message-----
From: Neil Clark [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 02, 2001 6:52 AM
To: CF-Talk
Subject: RE: default.ida?
.ida is part of the indexing service which is vulnerable to the hack via
buffer overflow; you should remove the ISAP filter from the IIS manager
configuration
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
