[ILUG] IIS problems
Wesley Darlington
wesley at yelsew.com
Wed Sep 26 09:20:41 IST 2001
On Tue, Sep 25, 2001 at 07:30:18PM +0100, David Murphy wrote:
> Quoting <3BB0CC2C.9040607 at esatclear.ie>
> by Paul Kelly <longword at esatclear.ie>:
> > How can it be illegal? They requested the machine deinstallation
> > program from your web server. And you've got the Apache logs to
> > prove it.
> I don't believe "They asked for it" will stand up in court.
Probably right. Much better to format their drives so all
trace of your activity is removed. Dead boxes tell no tales.
Use https if it's there to lessen the likelihood of IDSes (*)
noticing.
Thought - services on ports traditionally have warnings about who
can connect: telnet and ftp for example. What would the implications
of an HTTP X- header to the effect that "unauthorised personse should
disconnect and never reconnect; if you're not sure if you're authorised
then you are not." ...? Where might one put such a banner?
Tongue-ily in cheek,
Wesley.
(*) Although the idea that somebody with nimda or code-red on their
network might have an IDS (or other source of reasonably tamper-
proof logs) beggars belief! :-)
More information about the ILUG
mailing list