Re: Basic authentication against automated attacks

---

• From: "Ken Schaefer" <kenREMOVE@xxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 28 Feb 2006 14:19:54 +1100

---

It depends if the buffer overflow occurs in a component that's invoked
before/after the Authentication process is invoked.

If there's a buffer overflow in the TCP/IP stack, then that can be exploited
before IIS even sees the request.

Cheers
Ken


"Bulent" <bulent@xxxxxxxxxxxxxx> wrote in message
news:1141085765.104878.299500@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
: Is basic authentication useful against automated attacks (e.g. those
: attacks using buffer overflows).
:
: Regards,
: Bulent
:


.

---

• Follow-Ups:
  • Re: Basic authentication against automated attacks
    • From: Bulent

• References:
  • Basic authentication against automated attacks
    • From: Bulent

• Prev by Date: Basic authentication against automated attacks
• Next by Date: keep IIS in RAM
• Previous by thread: Basic authentication against automated attacks
• Next by thread: Re: Basic authentication against automated attacks
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.inetserver.iis.security  > 2006-02