Wrap <CFTRY> and <CFCATCH Type="ANY"> around your CF applications so
he can't view partial "source code" through error messages. Not a
physical bug but I think it can lead to more serious intrusions.
Xing
> Ok, fellow Listees, here's the deal...
>
> My boss's daughter has a boyfriend.. (can you smell the trouble
> already???). He is bent out of shape over the fact that I did
> not recommend
> that we hire him (I interviewed him and gave his skill sets an
honest,
> thorough exam). He is good at A/V stuff, but his web
experience/database
> experience is null. Anyway, back to the situation...... He has
convinced
> the boss to pay him 2 grand to attempt to hack the system I built.
He
> claims to be a super hacker, blah, blah, blah. I am not too
> confident that
> he can do it, but there is a small chance....
>
> Multiple minds are better than one. I have gone over and over
> all the stuff
> I know, but I am more than likely missing some stuff. Anyone
> care to share
> their CF/NT/IIS security checklist or other advice?
>
> It's escalated into all-out war. He is going to stop at nothing
> to make me
> look bad, and I will stop at nothing to prevent him from succeeding.
>
> Thanks in advance. I will custom print 5 free T-shirts with your
logo (in
> one color) on them if you give me advice that plugs up a hole
> that I didn't
> know about.
>
>
> Thanks in advance.
> Nick Call
> [EMAIL PROTECTED]
> http://www.graphixonline.com
>
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
