[ILUG] IIS problems
John Moylan
john at nua-tech.com
Wed Sep 26 17:48:17 IST 2001
Maybe I'm a bit late on this one..(working on the digest).. port sentry have this - although it is not recommended.
John
On Wed, Sep 26, 2001 at 04:20:37AM -0400, Wesley Darlington wrote:
> Date: Wed, 26 Sep 2001 04:20:37 -0400
> From: Wesley Darlington <wesley at yelsew.com>
> To: ilug at linux.ie
> Subject: Re: [ILUG] IIS problems
>
> On Tue, Sep 25, 2001 at 07:30:18PM +0100, David Murphy wrote:
> > Quoting <3BB0CC2C.9040607 at esatclear.ie>
> > by Paul Kelly <longword at esatclear.ie>:
> > > How can it be illegal? They requested the machine deinstallation
> > > program from your web server. And you've got the Apache logs to
> > > prove it.
> > I don't believe "They asked for it" will stand up in court.
>
> Probably right. Much better to format their drives so all
> trace of your activity is removed. Dead boxes tell no tales.
> Use https if it's there to lessen the likelihood of IDSes (*)
> noticing.
>
> Thought - services on ports traditionally have warnings about who
> can connect: telnet and ftp for example. What would the implications
> of an HTTP X- header to the effect that "unauthorised personse should
> disconnect and never reconnect; if you're not sure if you're authorised
> then you are not." ...? Where might one put such a banner?
>
> Tongue-ily in cheek,
> Wesley.
>
> (*) Although the idea that somebody with nimda or code-red on their
> network might have an IDS (or other source of reasonably tamper-
> proof logs) beggars belief! :-)
>
> --__--__--
--
___________________________________
John G. Moylan
PGP Key - http://www.nua-tech.com/john/John-Moylan-PUB-KEY.asc
************************************************************
The information in this e-mail is confidential and may be
legally privileged. It is intended solely for the addressee.
Access to this e-mail by anyone else is unauthorised. If
you are not the intended recipient, any disclosure, copying,
distribution, or any action taken or omitted to be taken in
reliance on it, is prohibited and may be unlawful.
*************************************************************
More information about the ILUG
mailing list