[Xitami] combat against cmd.exe
Gunnar Swan
xitami@lists.xitami.org
Sun, 30 Jun 2002 07:46:11 -0700
Those are attempts to attack a IIS server.
My logs are full of attempts of various nature.
I've never had a problem with someone getting through.
I would suggest a firewall. I use www.TinySoftware.com
Next ... make sure your NT machine is locked down.
A good book on NT security is O'Reilly
"Securing Windows NT/2000 Servers for the Internet"
ISBN 1-56592-768-0
It's a small but very thorough book that does the step by step and avoids
all the theory.
6/30/02 3:04:28 AM, "Robert J. DeMartini" <robdemartini@mindspring.com> wrote:
>Hello,
>
>I'm interested to know what others are doing with Xitami to combat against
>this outside attack:
>
>/scripts/..%5c../winnt/system32/ cmd.exe
>/scripts/..%5c../winnt/ system32/cmd.exe?/c+dir
>
>and this:
>
>/scripts/..%5c../httpodbc.dll
>
>Shows up in my log files often. I'm assuming this is a NT vulnerability?
>Since I'm not running NT it's a fruitless attack but am concerned about
>other attacks I may encounter in the future and want to know if there is
>built in precautions.
>
>Thanks,
>
>Rob
>
>
>--
>Xitami Users Mailing List -- For Xitami support
>To unsubscribe: http://lists.xitami.org/mailman/listinfo/xitami
>