Re: anyone seen this problem?
From: Mike Larson (anonymous_at_discussions.microsoft.com)
Date: 12/30/03
- Next message: scottb_at_nospam.com: "HELP-An unexpected error occurred during logon"
- Previous message: Tarntanate M.: "Re: Security Question on setting NTFS permission for IIS6.0"
- In reply to: Karl Levinson [x y] mvp: "Re: anyone seen this problem?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Dec 2003 05:25:37 -0800
I added it to urlscan just to be safe. I guess Security
Tracker didn't mention the solution.
>-----Original Message-----
>I don't work for Microsoft, but several people here have
seen it, and I'm
>fairly sure Microsoft has seen it [although the person who
reported it
>didn't give Microsoft any advance notice].
>
>I personally would not be worried about this. While this
is a questionable
>security decision in Windows 2000, you can use HTTP GET to
make such
>requests, and while they would be logged, would probably
not be noticed by
>most admins. Also, if you are using the free URLScan, you
are blocked from
>most of such trickery, and you can edit the URLSCAN.INI
file to log and
>block this if you wish. The article you link to says that
there is no
>solution, but two solutions were mentioned by the original
author several
>paragraphs later. All in all, I'm saving my panic for
another occasion.
>
>
>"Mike Larson" <anonymous@discussions.microsoft.com> wrote
in message
>news:081201c3ce4c$9c908860$a001280a@phx.gbl...
>> http://www.securitytracker.com/alerts/2003/Dec/1008563.html
>
>
>.
>
- Next message: scottb_at_nospam.com: "HELP-An unexpected error occurred during logon"
- Previous message: Tarntanate M.: "Re: Security Question on setting NTFS permission for IIS6.0"
- In reply to: Karl Levinson [x y] mvp: "Re: anyone seen this problem?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
