win2k3 and isa2k vulnerability scan
From: gotenks (gotenks_at_dragonball.z)
Date: 11/01/04
- Previous message: Lionel Fourquaux: "Re: Run As for Internet Protocol"
- Next in thread: S. Pidgorny
: "Re: win2k3 and isa2k vulnerability scan" - Reply: S. Pidgorny
: "Re: win2k3 and isa2k vulnerability scan" - Reply: Alun Jones [MSFT]: "Re: win2k3 and isa2k vulnerability scan"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 1 Nov 2004 12:42:45 -0800
I ran a nessus (free open source vulnerability scanner)
scan on my 'public-ip/web server'. It was able to
identify the version of ISA and IIS that i was running.
It also reported a MS Predictable TCP sequence
vulnerability, i dont know if it was referring to
Win2k3/IIS 6.0 or ISA2K. The recommendation for the tcp
sequence vulnerability was to get a patch from the
vendor? It also recommended to use URLSCAN to hide the
identity of IIS 6.0? Does anyone know how i can get that
patch from MS for the tcp sequence vulnerability, and how
to configure urlscan to hide the IIS version im using?
- Previous message: Lionel Fourquaux: "Re: Run As for Internet Protocol"
- Next in thread: S. Pidgorny
: "Re: win2k3 and isa2k vulnerability scan" - Reply: S. Pidgorny
: "Re: win2k3 and isa2k vulnerability scan" - Reply: Alun Jones [MSFT]: "Re: win2k3 and isa2k vulnerability scan"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
