Re: assessing IIS 5.0



Hi,

I feel it should be given a Low Threat rating, as the attacker cannot directly
exploit it.

To prevent internal IP address disclosure, take the following steps:

a) Open a command prompt and change the current directory to
c:\inetpub\adminscripts or to the directory where 'adminscripts' is located.

b) Execute the following commands:
adsutil set w3svc/UseHostName True
net stop iisadmin /y
net start w3svc

This change will force the IIS server to use the machine host name instead
of the IP address.

Thanks
Pratiksha
Penetration tester, NII Consulting
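
One way to confirm that the UseHostName change took effect, as an added example that is not part of the original post: scan the headers of a response captured from your own server for internal IPv4 literals. It assumes the disclosure appears in a response header such as Content-Location; the two sample responses, the address 10.1.2.3 and the host name webhost01 are constructed.

```python
import ipaddress
import re

# Dotted-quad candidates that are not part of a longer dotted number.
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def parse_headers(raw):
    """Return (name, value) pairs from the header block of a raw HTTP response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]   # drop the body
    pairs = []
    for line in head.split("\n")[1:]:                      # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip(), value.strip()))
    return pairs

def internal_addresses(raw):
    """List (header, address) for every non-public IPv4 literal in the headers."""
    hits = []
    for name, value in parse_headers(raw):
        for candidate in IPV4.findall(value):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:          # octet out of range, not an address
                continue
            if addr.is_private:         # RFC 1918, loopback, link-local, ...
                hits.append((name, candidate))
    return hits

# Constructed sample: response before the change (address leaks in a header).
BEFORE = ("HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\n"
          "Content-Location: http://10.1.2.3/Default.htm\r\n"
          "Content-Type: text/html\r\n\r\n<html>10.9.9.9</html>")

# Constructed sample: response after the change (host name instead of IP).
AFTER = ("HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\n"
         "Content-Location: http://webhost01/Default.htm\r\n"
         "Content-Type: text/html\r\n\r\n<html></html>")

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        hits = internal_addresses(raw)
        print(label, "->", hits if hits else "no internal address in headers")
```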
