TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
Hi, This is about HTTP_SHELL signature, which I feel not doing its function. This signature is capturing the traffic with URLs which contains "sh" or "java". Real secure gives an explanation to the event that this signature detects an attempt to get shells to execute commands. But if the signature detects any URL with entries like "/docs/api/java/util/Date.html" as an attempt to invoke Shell interpreter, then it raises a serious concern about the reliability of that signature. So far I couldn't find a single attempt related to this event which seems to be a genuine one. I had gone through the mailing list archives also, I could see the same queries were raised before.. But nobody ( even ISS Support) could give a clear explanation about this or any modification on this signature. I request you to give your feedbacks / experience on this signature, so that if this signature proves to be useless, then I need to remove it from the policy file and hence I can save a good amount of hard disk space !!! Cheers Rajesh _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
