If your (NT) server has had the posix and os/2 subsystems removed, they'd
have problems. I believe Microsoft released an update on this as it was a
major security loophole.

Mike

-----Original Message-----
From: Rj Subramanian [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 09, 2001 12:50 AM
To: [EMAIL PROTECTED]
Subject: RE: Location of web root


Hey all,

Directory traversals are one thing, but can anybody think of any reason why
an attacker couldn't use the posix subsystem to navigate to whichever
drive\partition\directory he or she wanted to test?

Rj Subramanian
Vanir MIS


-----Original Message-----
From: Renouf, Phillip [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 06, 2001 4:46 AM
To: [EMAIL PROTECTED]
Subject: RE: Location of web root

The first major point about placing the wwwroot in a non-standard location
is for the Directory Traversal exploit as you've brought up already. Many
exploits will either rely on, or look for default settings like placing your
websites in the c:\inetpub\wwwroot directory.

The way that I generally set it up is to move the www and ftp roots to
another drive, rename the wwwroot part to something else. I also ACL the
original inetpub directory so that only admin has access, remove the default
virtual directories and move the log files off the C: drive. I've got two
reasons for moving the logs: get them out of the standard directory and make
sure they are on another drive so the log can't fill up the drive and bring
the server down.

Phil

> OK Everyone, I need some help!
>
> I'm trying to articulate the reasons why it's better to place the root of a
> website on a separate partition, or at least in a separate directory from
> the application which uses IIS as a front-end...


________________________________________________________________________
This email has been scanned for all viruses by the Star Internet Virus
Screen.
The service is provided in partnership with MessageLabs, the email security
company.
For more information on a higher level of virus protection visit
www.star.net.uk
________________________________________________________________________
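
An added example, not part of the original thread: a PowerShell audit of the layout points Phil lists (web root and logs off the system drive, wwwroot renamed, virtual directories reviewed, original inetpub restricted to admin). It assumes the WebAdministration module (IIS 7 and later, newer than the servers discussed here) and treats SYSTEM as an acceptable ACL entry alongside Administrators.

```powershell
# Added example: reports where an IIS install still matches the defaults
# discussed in the thread. Read-only; changes nothing.
Import-Module WebAdministration

$systemDrive = $env:SystemDrive                      # normally C:
$inetpub     = Join-Path $systemDrive 'inetpub'

function Test-OnSystemDrive([string]$Path) {
    # Log paths are often stored as %SystemDrive%\..., so expand first.
    $expanded = [Environment]::ExpandEnvironmentVariables($Path)
    return $expanded.StartsWith($systemDrive, [StringComparison]::OrdinalIgnoreCase)
}

function New-Finding($Site, $Issue, $Detail) {
    [pscustomobject]@{ Site = $Site; Issue = $Issue; Detail = $Detail }
}

$findings = foreach ($site in Get-Website) {
    $root = [Environment]::ExpandEnvironmentVariables($site.physicalPath)
    $logs = [Environment]::ExpandEnvironmentVariables($site.logFile.directory)

    if (Test-OnSystemDrive $root) {
        New-Finding $site.Name 'Web root is on the system drive' $root
    }
    if ($root -match '(?i)\\wwwroot(\\|$)') {
        New-Finding $site.Name 'Web root still uses the default name wwwroot' $root
    }
    if (Test-OnSystemDrive $logs) {
        New-Finding $site.Name 'Logs can fill the system drive' $logs
    }
    # Any virtual directory still defined is listed for manual review.
    foreach ($vdir in Get-WebVirtualDirectory -Site $site.Name) {
        New-Finding $site.Name 'Virtual directory present, confirm it is needed' `
            "$($vdir.path) -> $($vdir.physicalPath)"
    }
}

# The original inetpub directory should allow only admin access.
# Assumption: SYSTEM is tolerated in addition to Administrators.
$aclFindings = if (Test-Path $inetpub) {
    (Get-Acl $inetpub).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       $_.IdentityReference -notmatch '\\(Administrators|SYSTEM)$' } |
        ForEach-Object { New-Finding '(server)' "Non-admin ACE on $inetpub" `
            "$($_.IdentityReference): $($_.FileSystemRights)" }
}

@($findings) + @($aclFindings) | Format-Table -AutoSize -Wrap
```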
