[TOOL] URLScan, Automatic Request Sanitization Tool from Microsoft
From: support@securiteam.com
Date: 09/16/01
From: support@securiteam.com
To: list@securiteam.com
Subject: [TOOL] URLScan, Automatic Request Sanitization Tool from Microsoft
Message-Id: <20010916161059.78106138BF@mail.der-keiler.de>
Date: Sun, 16 Sep 2001 18:10:59 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
URLScan, Automatic Request Sanitization Tool from Microsoft
------------------------------------------------------------------------
DETAILS
A new security tool for IIS has been released. The tool is called URLScan,
and can be used on web servers running IIS 4.0, 5.0 or 5.1. It is a great
complement to the <http://www.securiteam.com/tools/5QP0N1F55Q.html> IIS
Lockdown tool that Microsoft released two weeks ago, but whereas IIS
Lockdown ensures that a web server is configured for secure operation,
URLScan protects the server while it's in operation.
Most attacks against web servers involve the use of a request that is
unusual in some sense. It might be extremely long, contain special
characters, use an alternate character set, and so forth. URLScan protects
a server by giving the administrator a way to prevent such requests from
reaching the server. When installed and running, URLScan intercepts all
incoming requests, compares them to a ruleset, and drops them if they do
not meet the specifications of the ruleset.
The tool comes with a default ruleset that is appropriate for most
servers. The ruleset can be customized to meet the needs of a particular
web server. (Microsoft does recommend that the tool be used by experienced
web administrators, as it is possible to set the restrictions so tightly
that they interfere with normal operation of the server.)
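A minimal sketch of the intercept, compare, drop model described above, given here as an added example: it is not URLScan's code or its ruleset format, and the rule names, limits and sample requests are constructed for illustration. The last sample shows the over-tight rule case the note above warns about.

```python
from urllib.parse import unquote

# Hypothetical ruleset (constructed; these keys are not URLScan option names).
RULESET = {
    "allowed_verbs": {"GET", "HEAD", "POST"},
    "max_url_length": 260,
    "denied_sequences": ("..", "./", "\\", ":", "%", "&"),
    "allow_high_bit": False,
}

def check_request(verb, raw_url, rules=RULESET):
    """Return (allowed, reason) for one request, checked before the server sees it."""
    if verb not in rules["allowed_verbs"]:
        return False, "verb not allowed"
    if len(raw_url) > rules["max_url_length"]:
        return False, "URL too long"
    path = raw_url.split("?", 1)[0]          # rules apply to the path only
    # Decode percent-escapes byte-for-byte; a second pass that still changes
    # the string means the request was encoded more than once.
    once = unquote(path, encoding="latin-1")
    if unquote(once, encoding="latin-1") != once:
        return False, "still encoded after one decoding pass"
    if not rules["allow_high_bit"] and any(ord(c) > 127 for c in once):
        return False, "high-bit character"
    for seq in rules["denied_sequences"]:
        if seq in once:
            return False, f"denied sequence {seq!r}"
    return True, "ok"

# Constructed sample requests, one per class of unusual request named above.
SAMPLES = [
    ("GET", "/index.html"),
    ("GET", "/search?q=a&b=c"),
    ("TRACE", "/index.html"),
    ("GET", "/" + "a" * 400),
    ("GET", "/docs/%2541.html"),
    ("GET", "/caf%e9.html"),
    ("GET", "/docs/../admin.html"),
    ("GET", "/reports/q3:final.html"),   # legitimate name hit by a tight rule
]

def filter_requests(samples=SAMPLES, rules=RULESET):
    """Apply the ruleset to each sample; return (verb, url, allowed, reason)."""
    return [(v, u) + check_request(v, u, rules) for v, u in samples]

if __name__ == "__main__":
    for verb, url, allowed, reason in filter_requests():
        print("PASS" if allowed else "DROP", verb, url[:40], "-", reason)
```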
ADDITIONAL INFORMATION
More information on the tool is available at
<http://www.microsoft.com/technet/security/URLScan.asp>
The tool can be downloaded directly from
<http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32571>