You can use the URLScan (isapi application)from Microsoft. You can catch this kind of attacks and many others...
Mariano Montervino -----Mensaje original----- De: Steve Moore [mailto:[EMAIL PROTECTED]] Enviado el: Mi�rcoles, 01 de Mayo de 2002 01:04 a.m. Para: [EMAIL PROTECTED] Asunto: catching cmd.exe Is there a way to filter all http requests at port 80 that include the 'cmd.exe' directive? I would prefer to simply reject these packets at the router level. The router in question allows compares of packet data but the instructions on use are rather cryptic (including masks and hex offsets). Alternatively, perhaps there is an intrusion detection system that could catch this? I need an NT solution. Thanks in advance Steve Moore _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
