You're welcome. The presentation should be up on SANS soon-ish.
Kurt On Thu, Apr 16, 2015 at 4:12 PM, Ed Ziots <[email protected]> wrote: > Thanks.for the additional info > > Ed > > On Apr 16, 2015 7:10 PM, "Kurt Buff" <[email protected]> wrote: >> >> I attended the SANS webinar, and we were told that if your IIS >> installation requires authentication, it's not vulnerable. By auth, I >> don't mean SSL/TLS. >> >> That doesn't help those whose infrastructure is public facing without >> auth (basic web presence, ecommerce, etc.), but for >> Exchange/Lync/etc., it seems to be a small relief. >> >> Another small note of relief, for those who have them, is that >> PaloAlto's firewalls are supposed to have a signature for this. I'm >> sure other brands either have it or will soon. >> >> Of course, patching is still a good thing. >> >> If anyone hears anything different on any of the above, I'm all ears. >> >> Kurt >> >> >
