Security Scan on IIS shows files and folders
From: Don Wood (don@iemployee.com)
Date: 08/14/02
- Next message: B Russ: "IIS Server/Client Authentication"
- Previous message: B Russ: "How to request renew of certificate for IIS 4.0"
- Next in thread: karl [x y]: "Re: Security Scan on IIS shows files and folders"
- Reply: karl [x y]: "Re: Security Scan on IIS shows files and folders"
- Reply: Jeff Cochran: "Re: Security Scan on IIS shows files and folders"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: don@iemployee.com (Don Wood) Date: 14 Aug 2002 14:00:46 -0700
HELP!
Recently our comapny had a Professional Security Scan done one of our
production web sites. We are running Windows 2000 SP2 (with all
up-to-date patches), IIS 5.
When they conducted the security scan, they told us we had many files
with ".old or.bak" extensions. They also viewed the contents of a
folder called "_test" on the site (off the wwwroot).
My question, since they will not tell us, is; How are they viewing
these files????
How can they see folders "_xxxx" and files with "old" extensions on
the Hard Drive.
Directory browsing is turned off, so that's not it!
We took our server offline until we can determine what the heck is
causing this..
PLEASE... Any help or suggestions where to look would be greatful!!!!!
please reply to don@iemployee.com
Thanks in advance,
Don
- Next message: B Russ: "IIS Server/Client Authentication"
- Previous message: B Russ: "How to request renew of certificate for IIS 4.0"
- Next in thread: karl [x y]: "Re: Security Scan on IIS shows files and folders"
- Reply: karl [x y]: "Re: Security Scan on IIS shows files and folders"
- Reply: Jeff Cochran: "Re: Security Scan on IIS shows files and folders"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
