OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jerry Vogler (jv128mediaone.net)
Date: Thu Aug 09 2001 - 16:55:37 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Stop it on your perimeter router.
    http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml

    This will protect your servers and log the internal interface so you can see
    if you are infected by the ACL log file

    Jerry Vogler
    Cisco CCNA CCDA CCDP CCNP
    CheckPoint CCSA/CCSE
    Nortel NNCAS
    Cisco CSE
    CSE Security Solutions Specialist
    CSE Network Management Specialist

    -----Original Message-----
    From: Hugh Choudhury [mailto:hugh.choudhurywebhostdir.com]
    Sent: Thursday, August 09, 2001 12:56 PM
    To: bugtraqsecurityfocus.com
    Subject: FW: [iisanswers] IISAnswers Bulletin: NT4 Sites with Redirects
    can crash from Code Red

    You guys seen this ? Further problems over and above Code Red patches

    -----Original Message-----
    From: bretttechmesa.com [mailto:bretttechmesa.com]
    Sent: 09 August 2001 18:00
    To: IISAnswers Newsletter
    Subject: [iisanswers] IISAnswers Bulletin: NT4 Sites with Redirects can
    crash from Code Red

    *************************************************
    * IIS Bulletin
    * NT4 Sites with Redirects can crash from Code Red
    **************************************************

    It has been confirmed that despite being patched, some NT4 servers are
    subject to crashing when processing URLS from Code Red and its variants.
    This occurs on patched NT4 servers that use redirection. W2K is not
    affected. Those of you using redirection enabled in the IIS Snap-in
    should take immediate action to ensure you are not vulnerable to this
    problem.

    This is not a problem if you use scripting to redirect your site or
    pages.

    Microsoft evidently knows about this but has not commented on it
    publicly.

    Below is the posting including a response from a Microsoft IIS support
    team member about the problem.

    http://archives.neohapsis.com/archives/incidents/2001-08/0218.html

    Dang, this bug is hard to squash!

    -brett

    ---------------------------------
    Now Registering for IIS FastTrack
    http:/www.iistraining.com 

    ---
This is an announcement only list, do not reply.
You are currently subscribed to iisanswers as: hugh.choudhurywebhostdir.com
To unsubscribe send a blank email to
leave-iisanswers-15362Ylyris.iislists.com