[22412] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Tool prevents logging of default.ida (IIS / NT)

daemon@ATHENA.MIT.EDU (Hardy Krause)
Fri Aug 24 18:59:32 2001

Reply-To: <krause-bfi@t-online.de>
From: "Hardy Krause" <krause@netcomplett.de>
To: <bugtraq@securityfocus.com>
Date: Fri, 24 Aug 2001 23:59:31 +0200
Message-ID: <KIEKJHGHGPHJNOHILBFHGEMPCBAA.krause@netcomplett.de>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Code Red Worm destroyed most of our log files also after patching the
server.

We have created a little ISAPI-Filter. It performs a check if someone calls
the default.ida. In this case the session will be closed immediately and it
does not take place an entry in the logfile.

Our tool can be installed on servers running IIS4 or IIS5.

It can be downloaded free of charge from http://www.netcomplett.de/software/
(Look for ncIdaBlocker).

Best regards

Hardy Krause

eMail: info@netcomplett.de
internet: www.netcomplett.de
tel: +49-345-5636185
fax: +49-345-5636188

netcomplett
fiete-schulze-str. 13
06116 Halle


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[22412] in bugtraq

Tool prevents logging of default.ida (IIS / NT)

daemon@ATHENA.MIT.EDU (Hardy Krause)Fri Aug 24 18:59:32 2001

daemon@ATHENA.MIT.EDU (Hardy Krause)
Fri Aug 24 18:59:32 2001