sure answer, yea it was an attempted hack. I see those alot on my server. personally you should never install the cfdocs on a production machine. just like you shouldn't install the IIS web admin on a production machine. another good thing to do, if you're running an ftp service, make sure that anonymous access is turned off. want even better ftp security? if you have a static IP and you know you will only be uploading from that IP, restrict FTP connection to that IP only. make sure that if you have SMTP services running that relay is only allowed from 127.0.0.1, not the ip address of the website. a great thing to do is to go to is to get the IIS security checklist. it has been updated for IIS 5.0.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ tools/chklist/iis5chk.asp have fun Anthony Petruzzi Webmaster 954-321-4703 [EMAIL PROTECTED] http://www.sheriff.org -----Original Message----- From: Nick McClure [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 9:14 AM To: CF-Talk Subject: RE: Hack Attempt????? How much time was between hits? Did it look like a bot or a person trying to find something? These files have been known to open up some holes, and it is best to not install them. But on newer versions they set them to only be accessible from localhost (I think). > -----Original Message----- > From: Michael Ross [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 12, 2002 9:03 AM > To: CF-Talk > Subject: Hack Attempt????? > > SOmeone was trying to call all these pages last night.....I got the error > in my notfound file.....Do you think someone was just playen around, or > trying to do something..... > > /cfdocs/exampleapp/docs/sourcewindow.cfm > /cfdocs/snippets/viewexample.cfm > /cfdocs/snippets/fileexists.cfm > /cfdocs/cfmlsyntaxcheck.cfm > /CFDOCS/expeval/openfile.cfm > /CFDOCS/expeval/exprcalc.cfm > /CFDOCS/exprval/displayopenedfile.cfm > > thanks > > mike > > ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
