|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Sacha Faust (sacha
severus.org)Date: Wed Jan 23 2002 - 16:09:25 CST
I taught this might interest this list also. See below
» -----Original Message-----
» From: Sacha Faust [mailto:sachaseverus.org]
» Sent: terça-feira, 22 de Janeiro de 2002 3:10
» To: pen-testsecurityfocus.com
» Subject: Detecting if SecureIIS from Eeye is installed
»
»
» This is not something big and I don't consider it a bug but
» it's something that migh be usefull when trying to brake an
» IIS server. I don't have a copy of the software so I don't
» know if this is cause by misconfiguration or something else.
» While debugging after someone mentionned a problem with an
» early version of Metis 1.1, I saw that you can detect the
» presence of the SecureIIS product from Eeye by issuing an
» HEAD request on any files or folder and looking at the return
» data. The SecureIIS will return HTTP error code 406 (Not Acceptable),
» Content-Length: 1176 and Content-Type: text/html. It will
» also announce itself in the reply message. Here is an example
»
» E:\Metis>nc -v www.site.com 80
» www.site.com [111.111.111.111] 80 (http) open
» HEAD /
»
» HTTP/1.1 406
» Server: Microsoft-IIS/4.0
» Date: Tue, 22 Jan 2002 02:23:42 GMT
» Content-Type: text/html
» Content-Length: 1176
»
» <HTML>
» <BODY text=#000000 vLink=#ff9900 link=#ff9900
» bgColor=#ffffff> <TABLE cellSpacing=5 cellPadding=3 width=400>
» <TBODY>
» <TR>
» <TD vAlign=center align=left width=400><FONT
» face=Verdana,Arial,Helvetica
» size=2><FONT size=3><B>SecureIIS application firewall security
» alert</B></FONT><BR><BR><BR>HTTP Request caused a
» security alert, please
» contact our web master if you are getting this alert in
» error.<BR><BR>
» <HR>
» <BR><B>What is SecureIIS</B><BR>SecureIIS offers websites
» running Microsoft Internet Information Server a broad
» range of protection
»
» from common vulnerabilities, both known and unknown.
» Because SecureIIS
» does not protect against specific vulnerabilities, but
» classes of
» vulnerabilities, it allows for a much more far reaching
» layer of security.
»
» <BR><BR>
» <HR>
» <BR>For more information on SecureIIS, please visit <A
»
» href="http://www.eeye.com/SecureIIS/">http://www.eeye.com/Secu
» reIIS/</A><B
» R><BR><B><FONT
» color=#ff7000>eEye</FONT>Ö Digital Security</B> -
» <I>Vulnerability Is
» Over...</I></FONT></TD></TR></TBODY></TABLE></BODY></HTML>
»
»
»
»
» ---------
» Sacha Faust
» sachaseverus.org
» Metis : http://www.ideahamster.org/tid.htm
-------
Sacha Faust
sachaseverus.org
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]