Re: Microsoft Strategic Technology Protection Program

From: Greg Thatcher (gregt@LOKBOX.NET)
Date: 10/05/01 

Message-ID:  <4.2.0.58.20011004192624.012f7338@dump.roamie.com>
Date:         Thu, 4 Oct 2001 19:38:35 -0700
From: Greg Thatcher <gregt@LOKBOX.NET>
Subject:      Re: Microsoft Strategic Technology Protection Program
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

>
>In addition, what is desperately needed is some way to do the
>following;

I have written a quick-and-dirty graphical application to do some of this

>a) Probe your internal network to identify IIS installations (this
>can be done with HFNetchk, but working with its output is no fun)

It has a graphical interface, and checks for IIS machines on your network.

>b) Completely remove the IIS installation on command (remotely!), or
>render it stopped

It can remotely stop the IIS service (W3SVC) on a remote machine.

>c) Query the IIS installation and alter it, removing RDS keys,
>updating MDAC, patching it, disabling /scripts, tightening
>permissions, etc...

Time permitting, I might add some of the above features to it in the coming
weeks.

You can download it at: http://www.lokbox.net/iisscan.asp

I would be interested in hearing any suggestions or bug reports on it.

Thanks,
Greg

#! greg.thatcher / mcp,ccna
{ lokbox('www.lokbox.net')
    gregt@lokbox.net => 415.661.3363
}

============================================================================
Delivery co-sponsored by Trend Micro, Inc.
============================================================================
BEST-OF-BREED ANTIVIRUS SOLUTION FOR MICROSOFT EXCHANGE 2000
Earn 5% rebate on licenses purchased for Trend Micro ScanMail for
Microsoft Exchange 2000 between October 1 and November 16. ScanMail
ensures 100% scanning of inbound and outbound traffic and provides
remote software management. For program details or to download your
30-day FREE evaluation copy:
http://www.antivirus.com/banners/tracking.asp?si=53&BI;=245&UL;=http://www.ant
ivirus.com/smex2000_rebate

Relevant Pages

  • SecurityFocus Microsoft Newsletter #260
    ... MICROSOFT VULNERABILITY SUMMARY ... Remote: Yes ... attacker to execute arbitrary code on a vulnerable computer with SYSTEM ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #217
    ... MICROSOFT VULNERABILITY SUMMARY ... Sacred Multiple Connection Denial Of Service Vulnerability ... Gearbox Software Halo Game Client Remote Denial Of Service V... ... Relevant URL: http://www.securityfocus.com/bid/11716 ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #216
    ... MICROSOFT VULNERABILITY SUMMARY ... Ipswitch IMail Server Delete Command Remote Buffer Overflow ... ... Microsoft Internet Explorer Cookie Overwrite Vulnerability ... Relevant URL: http://www.securityfocus.com/bid/11675 ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #219
    ... MICROSOFT VULNERABILITY SUMMARY ... Headlight Software GetRight DUNZIP32.dll Remote Buffer Overf... ... Microsoft Windows Multiple Unspecified Vulnerabilities ... Relevant URL: http://www.securityfocus.com/bid/11816 ...
    (Focus-Microsoft)
  • RE: Remote Web Workplace Connect to client computer error
    ... going to attempt to download a Microsoft Remote Desktop ActiveX control ... That's going to be if the client does not ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)