[BUG-CORRECTION] IISShield "Server" header costumization
From: Tiago Halm (thalm_at_NETCABO.PT)
Date: 04/17/04
- Previous message: Thor Larholm: "Re: MS04-011 Break SSL support in IE 6.0.3790.0 with Windows 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 17 Apr 2004 18:05:44 +0100 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Hi all,
A new version (v1.0.4) of IISShield was released concerning a bug correction
regarding the parsing of the "Server" header costumization. The problem
concerned the interpretation of the "Server" header costumization. When the
objective was to leave the "Server" header with its default value, IISShield
would wrongly remove the "Server" header from the HTTP Response.
Download of the new version (v1.0.4) is available at
http://www.kodeit.org/products/iisshield/download.htm
If anyone finds any other problems, please feel free to report them to me or
to the IISShield mailing list available at:
http://groups.yahoo.com/group/IISShield/
As always, thank you for the given support,
Tiago Halm
KodeIT Development Team
http://www.kodeit.org
<snip>
IISShield is an IIS ISAPI Filter preventing any known and unknown attacks
from disrupting IIS. The preventive approach of IISShield is an added value
preventing IIS from even trying to interpret requests trying to break-in.
With a detailed logging engine, IISShield helps IIS administrators to know
in advance and protect IIS from known or unknown HTTP attacks that flow over
the Internet.
The configuration is quite detailed giving the ability to precisely decide
over what is accepted and what is not regarding the HTTP Layer.
RFC Compliance is just one of the core features of IISShield offering an
assurance of quality of service to the IIS Administrator.
Technical comparison with another well known tool with similar capabilities
is also provided outlining the powerfull capabilities of IISShield.
...
IISShield can be downloaded from
http://www.kodeit.org/products/iisshield/download.htm
</snip>
-----
Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
-----
- Previous message: Thor Larholm: "Re: MS04-011 Break SSL support in IE 6.0.3790.0 with Windows 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
