URLSCAN

From: Dimitri Limanovski (dimitri@salliemaesolutions.com)
Date: 09/20/01


Message-ID: <8E59B8D3ACFA454D95FCAF90CBADDE46443387@xchange.cambridge.salliemaesolutions.com>
From: Dimitri Limanovski <dimitri@salliemaesolutions.com>
To: 'Focus-MS' <focus-ms@securityfocus.com>
Subject: URLSCAN
Date: Wed, 19 Sep 2001 19:00:58 -0400

Where does one find more info on URLSCAN tool available from Microsoft?
I looked through README.TXT and URLSCAN.INI but couldn't figure out how to
block certain HTTP methods, disable possibly harmful extensions and disallow
requesting executables..
I wish there was a good readme enclosed with the product since I've heard it
was pretty effective against CodeRed-types of vulnerabilities.
Any info is GREATLY appreciated.

Dimitri

P.S. Just a though: moving CMD.EXE, FTP.EXE, TFTP.EXE along with dozen or so
other "popular" executables from %SYSTEMROOT% to other directory and ACL
them correctly on IIS will save you ass one day.



Relevant Pages

  • RE: URLSCAN
    ... Subject: URLSCAN ... Where does one find more info on URLSCAN tool available from Microsoft? ... requesting executables.. ...
    (Focus-Microsoft)
  • RE: URLSCAN
    ... Subject: URLSCAN ... Where does one find more info on URLSCAN tool available from Microsoft? ... requesting executables.. ...
    (Focus-Microsoft)