RE: You know what would be really cool?

2000-07-11 Thread Parker, Kevin

My apologies to the list but I'm in a real jovial mood today so couldn't
resist the temptation.

I think you are experiencing a new custom tag  



Kevin Parker
Service and Communication
WorkCover Corporation

[EMAIL PROTECTED]

ph:  +61 8 82332548
fax: +61 8 82332000



-Original Message-
From: Sean Renet [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 12 July 2000 12:27:PM
To: [EMAIL PROTECTED]
Subject: You know what would be really cool?


I think it would be really cool if you went to Allaire's website, searched
for something and didn't get this:

  Error Diagnostic Information
  Error occurred in tag CFSEARCH

  Collection failed to open: AllaireWeb6SiteSearch


  The error occurred while processing an element with a general
identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in
the template file
D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESEARCH.CFM.


  Date/Time: 07/11/00 22:55:58
  Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
  Remote Address: 63.203.119.82
  HTTP Referer: http://www.allaire.com/search/index.cfm



How do these guys expect to have people buy into this language when their
own site is constantly breaking?


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.




This e-mail is intended for the use of the addressee only. It may contain
information that is protected by legislated confidentiality and/or is
legally privileged. If you are not the intended recipient you are prohibited
from disseminating, distributing or copying this e-mail. Any opinion
expressed in this e-mail may not necessarily be that of the WorkCover
Corporation of South Australia. Although precautions have been taken, the
sender cannot warrant that this e-mail or any files transmitted with it are
free of viruses or any other defect.
If you have received this e-mail in error, please notify the sender
immediately by return e-mail and destroy the original e-mail and any copies.




RE: You know what would be really cool?

2000-07-11 Thread Adrian Cesana

lol, I know I was showing my brother (C++ person) how cool CF was and took
him to the Allaire site (Mistake!) to show him some of the Developers
Exchange stuff...We did a search and kept getting the same thing...He fell
over laughing...


> -Original Message-
> From: Sean Renet [mailto:[EMAIL PROTECTED]]
>
> I think it would be really cool if you went to Allaire's website, searched
> for something and didn't get this:
>
>   Error Diagnostic Information
>   Error occurred in tag CFSEARCH
>
>   Collection failed to open: AllaireWeb6SiteSearch
>
>
>   The error occurred while processing an element with a general
> identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in
> the template file
> D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESEARCH.CFM.
>
>
>   Date/Time: 07/11/00 22:55:58
>   Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
>   Remote Address: 63.203.119.82
>   HTTP Referer: http://www.allaire.com/search/index.cfm
>
>
>
> How do these guys expect to have people buy into this language when their
> own site is constantly breaking?
>




RE: You know what would be really cool?

2000-07-12 Thread Steve Bernard

It is truly a sad state of affairs isn't it? This sort of thing has been
happening on a regular basis since Allaire first started hosting a website.
All three of their main components, Corporate, Forums, and Beta sites, have
gone down or produced errors that really make them look bad. The two general
types that I have seen the most, and that speak volumes about their
infrastructure/administration in my opinion, are related to performance/load
and database management. Ironically enough, these are two of the tenets of the
Allaire Performance Tuning class, optimizing your code and your database.
Another problem that this exposes is Allaire's attention to detail and
security. You can learn a lot about a system by getting such error messages.
It may seem innocent enough but from this error message you know:

1) Using IIS
2) .. therefore, using NT
3) Web root is on D:, separate from the system root
4) Exact path to the customtags directory
5) Template name
6) Exact line of offending code
7) 'CustomTagsV65' may indicate that they have multiple versions in one
   tree. This may provide further opportunity if the system is breached.
8) Allaire doesn't monitor its servers effectively
9) Allaire doesn't seem to take its web presence seriously enough even
   though the product it sells is made for developing high-end, robust,
   data-driven, web sites (enough buzz words there?).

All this provides is information, not vulnerabilities, but, it is a definite
start in profiling the system, and all without having to send a single
suspicious packet their way. Anyone who has spent time profiling systems
will understand this. So if Allaire is this shoddy in protecting/maintaining
their corporate site what's going on with the areas of the site that manage
customer information?

Steve

p.s. I don't have anything against Allaire, I'm just calling it like I see
it.


> -Original Message-
> From: Sean Renet [mailto:[EMAIL PROTECTED]]
>
> I think it would be really cool if you went to Allaire's website, searched
> for something and didn't get this:
>
>   Error Diagnostic Information
>   Error occurred in tag CFSEARCH
>
>   Collection failed to open: AllaireWeb6SiteSearch
>
>
>   The error occurred while processing an element with a general
> identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in
> the template file
> D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESEARCH.CFM.
>
>
>   Date/Time: 07/11/00 22:55:58
>   Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
>   Remote Address: 63.203.119.82
>   HTTP Referer: http://www.allaire.com/search/index.cfm
>
>
>
> How do these guys expect to have people buy into this language when their
> own site is constantly breaking?




RE: You know what would be really cool?

2000-07-12 Thread Bryan Batchelder


Or they have deliberately misinformed you in the error message :-)  Not that
the error is deliberate...but the information it is giving you could be
deliberately wrong.

I have done this in past systems I have worked on...and set up most of my
UNIX boxes to give wrong profiling information (including information in
errors).

Just a thought.  It's fun watching people try linux exploits on a solaris
box...or vice versa - or making a linux box look like an NT box.


Bryan D. Batchelder   Work: 813-935-7100
Palm/Internet Developer   Home: 727-547-1322

ConnectWise, Inc. (www.ConnectWise.com)
2803 West Busch Blvd, Suite 204
Tampa, FL 33618



RE: You know what would be really cool?

2000-07-12 Thread Jeremy Allen

Heh their site search was failing to create sessions yesterday..
But I can understand.
Allaire is moving their entire company to a new building so
let's cut them a lil slack ehh, I know the two are not really
related.. but moving servers and stuff and keeping any kind of
web presence is cool. :)


Jeremy






RE: You know what would be really cool?

2000-07-12 Thread Greg Creedon

I see! What a great idea. All of the tech staff and admins would have
their Allaire Secret Decoder Rings(tm), available in Personal or
Enterprise versions. Error says ODBC error? A quick flick of the dial and
it's actually a syntax error! Zounds! a misplaced > sign.

The future is so bright, I need shades!

Greg Creedon


RE: You know what would be really cool?

2000-07-12 Thread Philip Arnold - ASP

> It may seem innocent enough but from this error message you know:
>
> 1) Using IIS
> 2) .. therefore, using NT

This can be found out through other means though - they're actually running
IIS4... therefore NT4

From this info you could run attack attempts to check vulnerabilities, but
that'd be illegal

BTW, if you want to check what someone is running, I find this site very
useful
http://www.netcraft.com/whats

Philip Arnold
ASP Multimedia Limited
T: +44 (0)20 8680 1133

"Websites for the real world"

**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
**





RE: You know what would be really cool?

2000-07-12 Thread KChapman

Actually it's

The future's so bright, I gotta wear shades!

Just an FYI.

--K


Katrina Chapman
Consultant 
Ameriquest Mortgage




Greg Creedon <[EMAIL PROTECTED]>
07/12/00 08:54 AM
Please respond to cf-talk

To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
cc:
Subject: RE: You know what would be really cool?

I see! What a great idea. All of the tech staff and admins would have
their Allaire Secret Decoder Rings(tm), available in Personal or
Enterprise versions. Error says ODBC error? A quick flick of the dial and
it's actually a syntax error! Zounds! a misplaced > sign.

The future is so bright, I need shades!

Greg Creedon


RE: You know what would be really cool?

2000-07-12 Thread Bryan Batchelder


Well, I wasn't suggesting that...though it might be cool ;-)

I just meant they may (or should) put fake data in the message elsewhere.
Not the specific message 'Syntax Error on line: '...but maybe switch
out the path and some other info.  Maybe even server specific data.

I know it's far fetched...but you can't assume everything is true.

They may be running their site on CF Linux!  Yeah right.

--b


Bryan D. Batchelder   Work: 813-935-7100
Palm/Internet Developer   Home: 727-547-1322

ConnectWise, Inc. (www.ConnectWise.com)
2803 West Busch Blvd, Suite 204
Tampa, FL 33618



RE: You know what would be really cool?

2000-07-12 Thread Bryan Batchelder


You could just as easily telnet to port 80 and type 'get' and get the same
info.

c:\>telnet www.allaire.com 80
get

HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/4.0
Date: Wed, 12 Jul 2000 18:07:05 GMT
Content-Type: text/html
Content-Length: 87

<html><head><title>Error</title></head><body>The parameter is incorrect. </body></html>



Connection to host lost.

But alas, this info can be changed too...at least under UNIX.

--b


Bryan D. Batchelder   Work: 813-935-7100
Palm/Internet Developer   Home: 727-547-1322

ConnectWise, Inc. (www.ConnectWise.com)
2803 West Busch Blvd, Suite 204
Tampa, FL 33618
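
As an added illustration (not code from any poster in this thread), the Python sketch below audits a raw HTTP response for the disclosures in Steve Bernard's list and for the Server banner shown in the telnet session above, then builds a response that carries neither. The sample response is constructed from text quoted in the thread; the status line, the `incident_id` parameter and the generic error wording are assumptions.

```python
import re

# Constructed sample: the Server banner from the telnet session and the
# CFSEARCH diagnostic quoted in the thread, joined into one HTTP response.
# The status line is an assumption; the thread does not show it.
SAMPLE = (
    "HTTP/1.1 500 Internal Server Error\r\n"
    "Server: Microsoft-IIS/4.0\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "Error Diagnostic Information\n"
    "Error occurred in tag CFSEARCH\n"
    "Collection failed to open: AllaireWeb6SiteSearch\n"
    "The error occurred while processing an element with a general "
    "identifier of (CFSEARCH), occupying document position (28:1) to "
    "(31:57) in the template file "
    "D:\\WWWROOT\\ALLAIREWEB65\\CUSTOMTAGSV65\\ALLAIREWEB\\SITESEARCH"
    "\\SITESEARCH.CFM.\n"
)

# (category, part of the response to search, pattern); group 1 is the leak.
RULES = [
    ("server-banner", "headers",
     re.compile(r"^Server:[ \t]*(\S+/\d[\w.]*)", re.I | re.M)),
    ("failing-tag", "body",
     re.compile(r"Error occurred in tag (\w+)", re.I)),
    ("internal-resource", "body",
     re.compile(r"Collection failed to open: (\S+)", re.I)),
    ("source-position", "body",
     re.compile(r"document position (\(\d+:\d+\) to \(\d+:\d+\))", re.I)),
    ("absolute-path", "body",
     re.compile(r'\b([A-Za-z]:\\(?:[^\\\s<>"]+\\)*[^\\\s<>"]+)')),
]

# Hypothetical wording for the public error page.
GENERIC_BODY = "The search service is temporarily unavailable. Reference: %s\n"


def split_response(raw):
    """Split a raw HTTP response into (header block, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    return head, body


def audit_response(raw):
    """Return sorted (category, leaked value) pairs found in the response."""
    head, body = split_response(raw)
    findings = set()
    for category, where, pattern in RULES:
        text = head if where == "headers" else body
        for match in pattern.finditer(text):
            # Drop sentence punctuation that trails the value on the page.
            findings.add((category, match.group(1).rstrip(".,;")))
    return sorted(findings)


def derived_facts(findings):
    """Second-order facts a reader can infer, as in the list in the thread."""
    facts = []
    for category, value in findings:
        if category == "server-banner" and value.lower().startswith("microsoft-iis"):
            facts.append("web server is IIS, so the host runs Windows NT")
        if category == "absolute-path":
            drive, _, rest = value.partition(":\\")
            parts = rest.split("\\")
            facts.append("web root is on drive %s:" % drive)
            facts.append("template file name: %s" % parts[-1])
            facts.append("directory layout: %s" % "\\".join(parts[:-1]))
    return facts


def harden_response(raw, incident_id):
    """Return (public response, detail to keep in the server-side log).

    The Server header is dropped. When the body carries diagnostics it is
    replaced by a generic message that exposes only incident_id, and the
    original body is returned separately for logging.
    """
    head, body = split_response(raw)
    kept = [h for h in head.split("\r\n") if not h.lower().startswith("server:")]
    body_leaks = any(cat != "server-banner" for cat, _ in audit_response(raw))
    public_body = GENERIC_BODY % incident_id if body_leaks else body
    log_detail = body if body_leaks else ""
    return "\r\n".join(kept) + "\r\n\r\n" + public_body, log_detail


if __name__ == "__main__":
    found = audit_response(SAMPLE)
    for category, value in found:
        print("%-18s %s" % (category, value))
    for fact in derived_facts(found):
        print("inferred:", fact)
    public, _ = harden_response(SAMPLE, "INC-0001")
    print("findings after hardening:", audit_response(public))
```

Running the same audit over staging and production error pages shows which of the listed items a visitor can read without sending anything unusual.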



RE: You know what would be really cool?

2000-07-12 Thread Steve Bernard

As I said, this information is given to you without having to do any work.
It is rather trivial to profile the outside interfaces of a server, but when
a company makes itself stick out by having things like this happen on a
regular and long-term basis, it can make that company more susceptible to
intrusion. If nothing else, it makes them look bad. It's a legitimate concern
when a company doesn't use their own product to set a positive and
impressive example. But then, Allaire has historically put security on the
back burner in their products. I remember when Allaire first introduced the
web based administrator in CF, 2.0 or 3.0, without requiring any
authentication or authorization at all. You could go to any CF-based site
and shut it down, 'click'. Their response was along the lines of, "but, but
... that's just not fair." As a matter of fact, I met and talked to Jeremy
Allaire during this period and questioned him on this matter and he told me
flat out that during the development cycle security was definitely put on a
back burner to features and time schedule. This business philosophy
continues as evidenced by the security holes in 4.x. Microsoft endures
unending criticism for its philosophy of features before security, and Sun
has been blasted for various holes in the JRE and Sandbox architectures.
Where's the outcry to Allaire? People want to use CF to create Internet
environments that form the foundation of e-commerce but don't seem overly
concerned about the security of the product until AFTER someone exploits it.
I say "hats off" to RFP, Matt Chapman, and the others who have exposed
weaknesses in Allaire's products. At least they take the time to look.

Steve


-Original Message-
From: Philip Arnold - ASP [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 12, 2000 12:28 PM
To: [EMAIL PROTECTED]
Subject: RE: You know what would be really cool?


> It may seem innocent enough but from this error message you know:
>
> 1) Using IIS
> 2) .. therefore, using NT

This can be found out through other means though - they're actually running
IIS4... therefore NT4

From this info you could run attack attempts to check vulnerabilities, but
that'd be illegal

BTW, if you want to check what someone is running, I find this site very
useful
http://www.netcraft.com/whats

Philip Arnold
ASP Multimedia Limited
T: +44 (0)20 8680 1133

"Websites for the real world"




RE: You know what would be really cool?

2000-07-12 Thread Steve Bernard

Deliberate obfuscation of environment information is a legitimate security
technique, but I have never seen this used on debug information. If nothing
else, you severely hamper your developers' ability to fix problems quickly and
effectively. The type of information in this error message combined with the
fact that their sites have been throwing errors since inception leads me to
believe that obfuscation is not being used here. Also, I've talked with
their web team before regarding various issues and the problem always ends
up being related to the error message that is thrown.

Steve


-Original Message-
From: Greg Creedon [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 12, 2000 11:55 AM
To: '[EMAIL PROTECTED]'
Subject: RE: You know what would be really cool?


I see! What a great idea. All of the tech staff and admins would have
their Allaire Secret Decoder Rings(tm), available in Personal or
Enterprise versions. Error says ODBC error? A quick flick of the dial and
it's actually a syntax error! Zounds! a misplaced > sign.

The future is so bright, I need shades!

Greg Creedon

On Wed, 12 Jul 2000, Bryan Batchelder wrote:

> Or they have deliberately misinformed you in the error message :-)  Not that
> the error is deliberate...but the information it is giving you could be
> deliberately wrong.
>
> I have done this in past systems I have worked on...and set up most of my
> UNIX boxes to give wrong profiling information (including information in
> errors).
>
> Just a thought.  It's fun watching people try linux exploits on a solaris
> box...or vice versa - or making a linux box look like an NT box.
>
> 
> Bryan D. Batchelder   Work: 813-935-7100
> Palm/Internet Developer   Home: 727-547-1322
> 
> ConnectWise, Inc. (www.ConnectWise.com)
> 2803 West Busch Blvd, Suite 204
> Tampa, FL 33618
> 
>
> -Original Message-
> From: Steve Bernard [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 12, 2000 11:03 AM
> To: [EMAIL PROTECTED]
> Subject: RE: You know what would be really cool?
>
>
> It is truly a sad state of affairs isn't it? This sort of thing has been
> happening on a regular basis since Allaire first started hosting a website.
> All three of their main components, Corporate, Forums, and Beta sites, have
> gone down or produced errors that really make them look bad. The two general
> types that I have seen the most, and that speak volumes about their
> infrastructure/administration in my opinion, are related to performance/load
> and database management. Ironically enough, these are two of the tenets of the
> Allaire Performance Tuning class, optimizing your code and your database.
> Another problem that this exposes is Allaire's attention to detail and
> security. You can learn a lot about a system by getting such error messages.
> It may seem innocent enough but from this error message you know:
>
> 1) Using IIS
> 2) .. therefore, using NT
> 3) Web root is on D:, separate from the system root
> 4) Exact path to the customtags directory
> 5) Template name
> 6) Exact line of offending code
> 7) 'CustomTagsV65' may indicate that they have multiple versions in one
>    tree. This may provide further opportunity if the system is breached.
> 8) Allaire doesn't monitor its servers effectively
> 9) Allaire doesn't seem to take its web presence seriously enough even
>    though the product it sells is made for developing high-end, robust,
>    data-driven, web sites (enough buzz words there?).
>
> All this provides is information, not vulnerabilities, but, it is a definite
> start in profiling the system, and all without having to send a single
> suspicious packet their way. Anyone who has spent time profiling systems
> will understand this. So if Allaire is this shoddy in protecting/maintaining
> their corporate site what's going on with the areas of the site that manage
> customer information?
>
> Steve
>
> p.s. I don't have anything against Allaire, I'm just calling it like I see
> it.
>
>
> > -Original Message-
> > From: Sean Renet [mailto:[EMAIL PROTECTED]]
> >
> > I think it would be really cool if you went to Allaire's website, searched
> > for something and didn't get this:
> >
> >   Error Diagnostic Information
> >   Error occurred in tag CFSEARCH
> >
> > 
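The details enumerated in this thread (the `Server` banner returned to a bare request, and the tag, source position, path and template name shown on the error page) can be checked for automatically on responses from a site you operate. The following is an added example, not code from any poster in the thread; the rule patterns, function names and both sample responses are assumptions constructed for illustration.

```python
import re

# (finding, header to inspect or None for the body, pattern).
# Findings mirror the thread's list; the patterns are assumptions.
RULES = [
    ("server product and version", "server", re.compile(r"^[A-Za-z-]+/\d[\w.]*")),
    ("failing tag", None, re.compile(r"Error occurred in tag (\w+)", re.I)),
    ("source position", None, re.compile(r"\(\d+:\d+\)\s+to\s+\(\d+:\d+\)")),
    ("absolute path", None, re.compile(r'\b[A-Za-z]:\\(?:[^\\\s<>"]+\\)*[^\\\s<>"]+')),
    ("template name", None, re.compile(r"[\w-]+\.cfm\b", re.I)),
]

def parse_response(raw):
    """Split a raw HTTP response into (lower-cased header dict, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    headers = {}
    for line in head.split("\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers, body

def find_disclosures(raw):
    """Return (finding, leaked value) pairs for one raw response."""
    headers, body = parse_response(raw)
    findings = []
    for label, header, pattern in RULES:
        text = headers.get(header, "") if header else body
        match = pattern.search(text)
        if match:
            value = match.group(match.lastindex or 0)
            findings.append((label, value.rstrip(".")))
    return findings

# Constructed sample modelled on the details discussed in the thread.
LEAKY = r"""HTTP/1.1 500 Internal Server Error
Server: Microsoft-IIS/4.0
Content-Type: text/html

Error occurred in tag CFSEARCH
The error occurred while processing an element occupying document
position (12:1) to (14:40) in the template file
D:\WWWROOT\EXAMPLESITE\CUSTOMTAGSV65\SEARCH\SEARCH.CFM.
"""

# Constructed sample of the hardened form: generic banner and message.
CLEAN = ("HTTP/1.1 500 Internal Server Error\nServer: web\n"
         "Content-Type: text/html\n\nSearch is unavailable. Ref: 7f3a\n")

if __name__ == "__main__":
    for label, value in find_disclosures(LEAKY) + find_disclosures(CLEAN):
        print(f"{label}: {value}")
```

Run against captured responses from staging or production error paths, an empty result is the target state; the full diagnostic text belongs in a server-side log keyed by the reference shown to the user.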

Re: You know what would be really cool?

2000-07-12 Thread Fred T. Sanders


- Original Message -
From: "Philip Arnold - ASP" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 12, 2000 12:27 PM
Subject: RE: You know what would be really cool?


> > It may seem innocent enough but from this error message you know:
> >
> > 1) Using IIS
> > 2) .. therefore, using NT
>
> This can be found out through other means though - they're actually running
> IIS4... therefore NT4
>

Not necessarily NT4 just because of IIS4 though.  That runs on 98 too  (yes
it's PWS but still reports IIS4).

Fred




Re: You know what would be really cool?

2000-07-12 Thread Brandon Whitaker

>The future's so bright, I gotta wear shades!

Second verse:

..."I studied ColdFusion coding,
 I read Ben Forta;
Subscribe to CF-Talk, but I killfile (OT) squawk;
  tags are kewl,  is even kewler...

When CF Studio they see, co-workers get enraged
Those poor ASP coders...
  They're stuck with FrontPage,
  They're stuck with FrontPage..."

Brandon Whitaker
[EMAIL PROTECTED]
---
"It'll get used by the same people using Opera.  People dressed in black
wearing berets."
- Dave Watts, on Mozilla

"It makes you feel so welcome to have a greeter like Papa Dave at the door.
Kind of like what Wal-Mart wishes it could do."
- John Allred, on Dave Watts

"The net interprets censorship as damage and routes around it."
- John Gilmore





RE: You know what would be really cool?

2000-07-12 Thread Zachary Bedell

> > > 1) Using IIS
> > > 2) .. therefore, using NT
> > This can be found out through other means though - they're
> > actually running IIS4... therefore NT4
> 
> Not necessarily NT4 just because of IIS4 though.  That runs 
> on 98 too  (yes
> its PWS but still reports IIS4).

If Allaire is running their webservers on a 98 box, I think I'll wet
myself laughing...  It wouldn't particularly SURPRISE me, given what
I've seen, but it would be dang funny!

Regards,
Zac Bedell




RE: You know what would be really cool?

2000-07-12 Thread Tom Forbes

CF'ers --

I've paid for entertainment that isn't this good.

It would be different if the problem was not chronic and acute (IMHO)

Tom

At 07:03 PM 7/12/00, you wrote:
> > > > 1) Using IIS
> > > > 2) .. therefore, using NT
> > > This can be found out through other means though - they're
> > > actually running IIS4... therefore NT4
> >
> > Not necessarily NT4 just because of IIS4 though.  That runs
> > on 98 too  (yes
> > its PWS but still reports IIS4).
>
>If Allaire is running their webservers on a 98 box, I think I'll wet
>myself laughing...  It wouldn't particularly SURPRISE me, given what
>I've seen, but it would be dang funny!
>
>Regards,
>Zac Bedell
>