Re: Can I add a NEW SECTION to URLSCAN?

From: BB (Bernard_at_3exp.com)
Date: 12/13/02


From: "BB" <Bernard_at_3exp.com>
Date: Fri, 13 Dec 2002 20:44:14 +0800


This can be done via 'Thomas' solution which set 'executable'
permission on certain .exe file.

Subject: urlscan configuration for specific cgi apps
Sender: billemery
Date: 12/12/2002 7:35am

but it won't be as simple as adding a 'New section' in urlscan.
and you still need to take out .exe in 'deny extension' section

Rgds.

"Clay Ramsey" <clayramsey@yahoo.com> wrote in message
news:efc4ab3d.0212121455.37521ea1@posting.google.com...
> Greetings all.
>
> As you are aware, URLSCAN has sections like [DenyUrlSequences].
>
> Can I *ADD* a new section to it? Like [AllowUrlSequences]?
>
> It would be pretty handy in that you could deny .exes, but allow a
> particular exe.
>
> As it is, I am allowing all .exes on a server, but disallowing
> cmd.exe, root.exe, and admin.dll. I'm not too keen on this since I am
> allowing ALOT of other attack vectors. The worst offenders are locked
> down, but.........



Relevant Pages

  • Re: URLScan (and Demarc PureSecure)
    ... I added focus-ids to the recipient list - if you reply to this, and it's not related to Intrusion Detection, please remove that recipient. ... still have reservations when it comes to allowing .exe ... > on opeing up specific .exe's via URLScan. ... >>> knowledge of web servers and I'm not sure how I ...
    (Security-Basics)
  • Re: URLScan
    ... i know you can move and ACL critical system ... still have reservations when it comes to allowing .exe ... > on opeing up specific .exe's via URLScan. ... >> Do You Yahoo!? ...
    (Security-Basics)
  • Re: IIS Lockdown/URLScan - no .exes
    ... INFO: Using URLScan on IIS ... Either I didn't read the Docs very>>well, or didn't configure things correctly, as my server ... >>Specifically, the server would not allow any .asp,>>or .exe files. ...
    (microsoft.public.inetserver.iis.security)
  • RE: URLScan
    ... I would NOT recommend opening up the .exe ... > extension. ... > reboot your server. ... > Subject: URLScan ...
    (Security-Basics)
  • Re: Downloading .exe files from an WinXP IIS server.
    ... Just be aware enabling .exe in URLscan removed one of its ... Better to make the URL download a zip. ... > the IIS ...
    (microsoft.public.windowsxp.security_admin)