Re: Secured IIS Project

From: Russ (Russ.Cooper@RC.ON.CA)
Date: 07/24/01


Message-ID:  <E9A01F52DC939448BBDE44ED2E1C468F167ACA@muskie.rc.on.ca>
Date:         Tue, 24 Jul 2001 12:07:54 -0400
From: Russ <Russ.Cooper@RC.ON.CA>
Subject:      Re: Secured IIS Project
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM


-----BEGIN PGP SIGNED MESSAGE-----

My next message to the list describes a new tool I've created to
secure IIS 4.0 servers. The message will cause some anti-virus
products to complain. It doesn't contain anything that shouldn't be
allowed to pass, but some simple anti-virus content scanning engines
don't know how to detect good from bad and reject based on the use of
a word or string of characters. If you don't see the next message
from me (immediately after this one), you might want to check with
whomever administers your AV gateway/product, or the Vendor
themselves, and ask why the message didn't get through.

You can see the message by viewing the following URL;

http://ntbugtraq.ntadvice.com/SecuredIISv1.asp

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.2

iQCVAwUBO12dWhBh2Kw/l7p5AQFQ7QP9F9u1I5rU03+yqKNvcAXYWW9Wg1UFY0lo
oAf7G6P8v79EgP4Cy71bGMtMFiw2rFrjl/n6pCCnrqtFO8xK1LD98h7EMY/VCH5k
Hr8Ce2Am2irYOMWXEDjrstl//w2KFYgqyB83ifGI0CL18TUjWfZmMThBO4P2Kfm+
pX5emeVGgeU=
=a0w8
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
Delivery co-sponsored by Trend Micro
============================================================================
TREND MICRO REAL-TIME VIRUS ALERTS
If you would like to know about a virus outbreak before CNN and ZDNet get
Trend Micro Virus Info Feed FREE. Simply copy and paste a small piece of
code to give your visitors a real-time top 10 list and the latest virus
advisories. Setup takes just 10 minutes and requires no server-side code on
your Web site. All content is updated automatically from Trend Micro's Web
site.
http://www.antivirus.com/banners/tracking.asp?si=8&bi=237&ul=/syndication/
vinfo/
----------------------------------------------------------------------------



Relevant Pages

  • Re: Wierd Processes Running on Windows 2003 Servers
    ... I am running up to date Trend Micro and the scan comes clean. ... performance of my servers but leaves an uneasy feeling for me. ... our computers shows a process running with "random" names that are similar ... I've run several anti-virus and malware scans and nothing's come ...
    (microsoft.public.security.virus)
  • Re: Wierd Processes Running on Windows 2003 Servers
    ... to her anti-virus software. ... If it's malware, then it's weak one. ... check your servers using different AV's. ... I am running up to date Trend Micro and the scan comes clean. ...
    (microsoft.public.security.virus)
  • eicartest
    ... If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. ... A third set of requests come from exactly the people you might think would be least likely to want viruses "users of anti-virus software". ... If your test file is a program, then it should also produce sensible results if it is executed. ... A good anti-virus scanner will spot a 'virus' inside an ARCHIVEe. ...
    (comp.security.firewalls)
  • eicartest
    ... If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. ... A third set of requests come from exactly the people you might think would be least likely to want viruses "users of anti-virus software". ... If your test file is a program, then it should also produce sensible results if it is executed. ... A good anti-virus scanner will spot a 'virus' inside an ARCHIVEe. ...
    (microsoft.public.security.virus)
  • [Full-Disclosure] Asynchronous, industry-wide virus naming scheme proposed
    ... The suggestion of a numerical naming ... The autumn 2003 conference of computer virus researchers in Toronto ... vendors sharing full samples with each other, ... Just like the current Net system of 13 root level DNS servers and ...
    (Full-Disclosure)