TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
The nt-iis-rds signature will be added in the next RealSecure XPU due out
before the end of the year.
-----Original Message-----
From: Walker Andrew [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 12, 2000 10:14 AM
To: '[EMAIL PROTECTED]'
Subject: Real secure V5.0: No ISS RDS exploit detection ???
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
----------------------------------------------------------------------------
I managed to run the msadc.pl script by RFP and copy CMD.exe to a "soft"
IIS based target web server. Script ran successfully. I could have done any
command line hack therefore. I had RS net sensor on the same segment with
a web watcher policy enabled plus an OS sensor on the soft target with a max
policy. RS did not pick up the exploit (usage).
ISS internet scanner assesses for this particular vulnerability (IIS RDS),
there appears to be an anomaly here.
Unless I missed the signature when reading through the RS policies, this
signature appears to be missing.
Is there an xpress update containing it by any chance.
thanks in advance,
Andrew
************************************************************************
The information in this email is confidential and is intended solely
for the addressee(s).
Access to this email by anyone else is unauthorised. If you are not
an intended recipient, you must not read, use or disseminate the
information contained in the email.
Any views expressed in this message are those of the individual sender,
except where the sender specifically states them to be the views of
The Capital Markets Company.
http://www.capco.com
***********************************************************************
