Monday, December 19, 2005

Why run IIS on Windows XP? discovered a Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit on Friday the 16th.
This lends to the debate whether or not a webserver on a desktop PC is a good idea. Obviously, developers have a strong opinion here, so consider the following: run IIS as localhost only, use Windows Firewall to block all web ports, and disable SMTP and Front Page extensions. Disabling Front Page extensions will prevent the above exploit even if the Windows Firewall is off.

No comments:

toolsmith #129 - DFIR Redefined: Deeper Functionality for Investigators with R - Part 2

You can have data without information, but you cannot have information without data. ~Daniel Keys Moran Here we resume our discussion of ...