RE: You know what would be really cool?
It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/plain Or they have deliberately misinformed you in the error message :-) Not that the error is deliberate...but the information it is giving you could be deliberately wrong. I have done this in past systems I have worked on.and set up most of my UNIX boxes to give wrong profiling information (including information in errors). Just a thought. Its fun watching people try linux exploits on a solaris box...or vice versa - or making a linux box look like an NT box. Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:03 AM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" HTML HEAD META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii" META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version = 5.5.2650.12" TITLERE: You know what would be really cool?/TITLE /HEAD BODY PFONT SIZE=3D2Or they have deliberately misinformed you in the = error message :-)nbsp; Not that the error is deliberate...but the = information it is giving you could be deliberately wrong./FONT/P PFONT SIZE=3D2I have done this in past systems I have worked = on.and set up most of my UNIX boxes to give wrong profiling = i
RE: You know what would be really cool?
Heh their site search was failing to create sessions yesterday.. But I can understand. Allaire is moving their entire company to a new building so lets cut thema lil slack ehh, I know the two are not really related.. but moving servers and stuff and keeping any kind of web presence is cool. :) Jeremy -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:03 AM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
I see! What a great idea. All of the tech staff and admins would have their Allaire Secret Decoder Rings(tm), available in Personal or Enterprise versions. Error says ODBC error? A quick flick of the dial and it's actually a syntax error! Zounds! a misplaced sign. The future is so bright, I need shades! Greg Creedon On Wed, 12 Jul 2000, Bryan Batchelder wrote: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/plain Or they have deliberately misinformed you in the error message :-) Not that the error is deliberate...but the information it is giving you could be deliberately wrong. I have done this in past systems I have worked on.and set up most of my UNIX boxes to give wrong profiling information (including information in errors). Just a thought. Its fun watching people try linux exploits on a solaris box...or vice versa - or making a linux box look like an NT box. Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:03 AM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" HTML HEAD META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii" M
RE: You know what would be really cool?
It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT This can be found out through other means though - they're actually running IIS4... therefore NT4 From this info you could run attack attempts to check vunerabilities, but that'd be illegal BTW, if you want to check what someone is running, I find this site very useful http://www.netcraft.com/whats Philip Arnold ASP Multimedia Limited T: +44 (0)20 8680 1133 "Websites for the real world" ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
Actually it's The future's so bright, I gotta wear shades! Just an FYI. --K Katrina Chapman Consultant Ameriquest Mortgage Greg Creedon [EMAIL PROTECTED] 07/12/00 08:54 AM Please respond to cf-talk To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] cc: Subject: RE: You know what would be really cool? I see! What a great idea. All of the tech staff and admins would have their Allaire Secret Decoder Rings(tm), available in Personal or Enterprise versions. Error says ODBC error? A quick flick of the dial and it's actually a syntax error! Zounds! a misplaced sign. The future is so bright, I need shades! Greg Creedon On Wed, 12 Jul 2000, Bryan Batchelder wrote: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/plain Or they have deliberately misinformed you in the error message :-) Not that the error is deliberate...but the information it is giving you could be deliberately wrong. I have done this in past systems I have worked on.and set up most of my UNIX boxes to give wrong profiling information (including information in errors). Just a thought. Its fun watching people try linux exploits on a solaris box...or vice versa - or making a linux box look like an NT box. Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:03 AM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.c
RE: You know what would be really cool?
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC29.DA889A70 Content-Type: text/plain; charset="iso-8859-1" Well, I wasn't suggesting thatthough it might be cool ;-) I just meant they may (or should) put fake data in the message elsewhere. Not the specific message 'Syntax Error on line: 'but maybe switch out the path and some other info. Maybe even server specific data. I know its far fetched.but you can't assume everything is true. They may be running their site on CF Linux! Yeah right. --b Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Greg Creedon [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:55 AM To: '[EMAIL PROTECTED]' Subject: RE: You know what would be really cool? I see! What a great idea. All of the tech staff and admins would have their Allaire Secret Decoder Rings(tm), available in Personal or Enterprise versions. Error says ODBC error? A quick flick of the dial and it's actually a syntax error! Zounds! a misplaced sign. The future is so bright, I need shades! Greg Creedon On Wed, 12 Jul 2000, Bryan Batchelder wrote: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/plain Or they have deliberately misinformed you in the error message :-) Not that the error is deliberate...but the information it is giving you could be deliberately wrong. I have done this in past systems I have worked on.and set up most of my UNIX boxes to give wrong profiling information (including information in errors). Just a thought. Its fun watching people try linux exploits on a solaris box...or vice versa - or making a linux box look like an NT box. Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:03 AM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occu
RE: You know what would be really cool?
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC2B.CCE3AED0 Content-Type: text/plain; charset="iso-8859-1" You could just as easily telnet to port 80 and type 'get' and get the same info. c:\telnet www.allaire.com 80 get HTTP/1.1 400 Bad Request Server: Microsoft-IIS/4.0 Date: Wed, 12 Jul 2000 18:07:05 GMT Content-Type: text/html Content-Length: 87 htmlheadtitleError/title/headbodyThe parameter is incorrect. /body /html Connection to host lost. But alas, this info can be changed tooat least under UNIX. --b Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Philip Arnold - ASP [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 12:28 PM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT This can be found out through other means though - they're actually running IIS4... therefore NT4 From this info you could run attack attempts to check vunerabilities, but that'd be illegal BTW, if you want to check what someone is running, I find this site very useful http://www.netcraft.com/whats Philip Arnold ASP Multimedia Limited T: +44 (0)20 8680 1133 "Websites for the real world" ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. --_=_NextPart_001_01BFEC2B.CCE3AED0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" HTML HEAD META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Diso-8859-1" META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version = 5.5.2650.12" TITLERE: You know what would be really cool?/TITLE /HEAD BODY PFONT SIZE=3D2You could just as easily telnet to port 80 and type = 'get' and get the same info./FONT /P PFONT SIZE=3D2c:\gt;telnet www.allaire.com 80/FONT BRFONT SIZE=3D2get/FONT /P PFONT SIZE=3D2HTTP/1.1 400 Bad Request/FONT BRFONT SIZE=3D2Server: Microsoft-IIS/4.0/FONT BRFONT SIZE=3D2Date: Wed, 12 Jul 2000 18:07:05 GMT/FONT BRFONT SIZE=3D2Content-Type: text/html/FONT BRFONT SIZE=3D2Content-Length: 87/FONT /P PFONT = SIZE=3D2lt;htmlgt;lt;headgt;lt;titlegt;Errorlt;/titlegt;lt;/he= adgt;lt;bodygt;The parameter is incorrect. lt;/bodygt;/FONT BRFONT SIZE=3D2lt;/htmlgt;/FONT /P PFONT SIZE=3D2Connection to host lost./FONT /P PFONT SIZE=3D2But alas, this info can be changed tooat least = under UNIX./FONT /P PFONT SIZE=3D2--b/FONT /P PFONT SIZE=3D2/FONT BRFONT SIZE=3D2Bryan D. = Batcheldernbsp;nbsp;nbsp;nbsp;nbsp;nbsp; Work: = 813-935-7100/FONT BRFONT SIZE=3D2Palm/Internet Developernbsp;nbsp; Home: = 727-547-1322/FONT BRFONT SIZE=3D2/FONT BRFONT SIZE=3D2ConnectWise, Inc. (www.ConnectWise.com)/FONT BRFONT SIZE=3D22803 West Busch Blvd, Suite 204/FONT BRFONT SIZE=3D2Tampa, FL 33618/FONT BRFONT SIZE=3D2/FONT /P PFONT SIZE=3D2-Original Message-/FONT BRFONT SIZE=3D2From: Philip Arnold - ASP [A = HREF=3D"mailto:[EMAIL PROTECTED]"mailto:[EMAIL PROTECTED]/A]/FONT= BRFONT SIZE=3D2Sent: Wednesday, July 12, 2000 12:28 PM/FONT BRFONT SIZE=3D2To: [EMAIL PROTECTED]/FONT BRFONT SIZE=3D2Subject: RE: You know what would be really = cool?/FONT /P BR PFONT SIZE=3D2gt; It may seem innocent enough but from this error = message you know:/FONT BRFONT SIZE=3D2gt;/FONT BRFONT SIZE=3D2gt; 1) Using IIS/FONT BRFONT SIZE=3D2gt; 2) .. therefore, using NT/FONT /P PFONT SIZE=3D2This can be found out through other means though - = they're actually running/FONT BRFONT SIZE=3D2IIS4... therefore NT4/FONT /P PFONT SIZE=3D2From this info you could run attack attempts to check = vunerabilities, but/FONT BRFONT SIZE=3D2that'd be illegal/FONT /P PFONT SIZE=3D2BTW, if you want to check what someone is runn
RE: You know what would be really cool?
As I said, this information is given to you without having to do any work. It is rather trivial to profile the outside interfaces of a server but, when a company makes itself stick out by having things like this happen on a regular and long term basis it can make that company more susceptible to intrusion. If nothing else it makes them look bad. It's a legitimate concern when a company doesn't use their own product to set a positive and impressive example. But then, Allaire has historically put security on the back burner in their products. I remember when Allaire first introduced the web based administrator in CF, 2.0 or 3.0, without requiring any authentication or authorization at all. You could go to any CF-based site and shut it down, 'click'. Their response was along the lines of, "but, but ... that's just not fair." As a matter of fact, I met and talked to Jeremy Allaire during this period and questioned him on this matter and he told me flat out that during the development cycle security was definitely put on a back burner to features and time schedule. This business philosophy continues as evidenced by the security holes in 4.x. Microsoft endures unending criticism for its philosophy of features before security, and Sun has been blasted for various holes in the JRE and Sandbox architectures. Where's the outcry to Allaire? People want to use CF to create Internet environments that form the foundation of e-commerce but, don't seem overly concerned about the security of the product until AFTER someone exploits it. I say "hats off" to RFP, Matt Chapman, and the others who have exposed weaknesses in Allaire's products. At least they take the time to look. Steve -Original Message- From: Philip Arnold - ASP [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 12:28 PM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT This can be found out through other means though - they're actually running IIS4... therefore NT4 From this info you could run attack attempts to check vunerabilities, but that'd be illegal BTW, if you want to check what someone is running, I find this site very useful http://www.netcraft.com/whats Philip Arnold ASP Multimedia Limited T: +44 (0)20 8680 1133 "Websites for the real world" ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
Deliberate obfuscation of environment information is a legitimate security technique but, I have never seen this used on debug information. If nothing else, you severely hamper your developers ability to fix problem quickly and effectively. The type of information in this error message combined with the fact that their sites have been throwing errors since inception lead me to believe that obfuscation is not being used here. Also, I've talked with their web team before regarding various issues and the problem always ends up being related to the error message that is thrown. Steve -Original Message- From: Greg Creedon [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:55 AM To: '[EMAIL PROTECTED]' Subject: RE: You know what would be really cool? I see! What a great idea. All of the tech staff and admins would have their Allaire Secret Decoder Rings(tm), available in Personal or Enterprise versions. Error says ODBC error? A quick flick of the dial and it's actually a syntax error! Zounds! a misplaced sign. The future is so bright, I need shades! Greg Creedon On Wed, 12 Jul 2000, Bryan Batchelder wrote: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --_=_NextPart_001_01BFEC13.BA40F1D0 Content-Type: text/plain Or they have deliberately misinformed you in the error message :-) Not that the error is deliberate...but the information it is giving you could be deliberately wrong. I have done this in past systems I have worked on.and set up most of my UNIX boxes to give wrong profiling information (including information in errors). Just a thought. Its fun watching people try linux exploits on a solaris box...or vice versa - or making a linux box look like an NT box. Bryan D. Batchelder Work: 813-935-7100 Palm/Internet Developer Home: 727-547-1322 ConnectWise, Inc. (www.ConnectWise.com) 2803 West Busch Blvd, Suite 204 Tampa, FL 33618 -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 11:03 AM To: [EMAIL PROTECTED] Subject: RE: You know what would be really cool? It is truly a sad state of affairs isn't it? This sort of thing has been happening on a regular basis since Allaire first started hosting a website. All three of their main components, Corporate, Forums, and Beta sites, have gone down or produced errors that really make them look bad. The two general types that I have seen the most, and that speak volumes about their infrastructure/administration in my opinion, are related to performance/load and database management. Ironically enough, these are two of tenants of the Allaire Performance Tuning class, optimizing your code and your database. Another problem that this exposes is Allaire's attention to detail and security. You can learn a lot about a system by getting such error messages. It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT 3) Web root is on D:, seperate from the system root 4) Exact path to the customtags directory 5) Template name 6) Exact line of offending code 7) 'CustomTagsV65' may indicate that they have multiple versions in one tree. This may provide further opportunity if the system is breached. 8) Allaire doesn't monitor it's servers effectively 9) Allaire doesn't seem to take it's web presence seriously enough even though the product it sells is made for developing high-end, robust, data-driven, web sites (enought buzz words there?). All this provides is information, not vulnerabilities, but, it is a definite start in profiling the system, and all without having to send a single suspicious packet their way. Anyone who has spent time profiling systems will understand this. So if Allaire is this shoddy in protecting/maintaining their corporate site what's going on with the areas of the site that manage customer information? Steve p.s. I don't have anything against Allaire, I'm just calling it like I see it. -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP
Re: You know what would be really cool?
- Original Message - From: "Philip Arnold - ASP" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 12, 2000 12:27 PM Subject: RE: You know what would be really cool? It may seem innocent enough but from this error message you know: 1) Using IIS 2) .. therefore, using NT This can be found out through other means though - they're actually running IIS4... therefore NT4 Not necessarily NT4 just because of IIS4 though. That runs on 98 too (yes its PWS but still reports IIS4). Fred -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: You know what would be really cool?
The future's so bright, I gotta wear shades! Second verse: ..."I studied ColdFusion coding, I read Ben Forta; Subscribe to CF-Talk, but I killfile (OT) squawk; CF_ tags are kewl, CFX_ is even kewler... When CF Studio they see, co-workers get enraged Those poor ASP coders... They're stuck with FrontPage, They're stuck with FrontPage..." Brandon Whitaker [EMAIL PROTECTED] --- "It'll get used by the same people using Opera. People dressed in black wearing berets." - Dave Watts, on Mozilla "It makes you feel so welcome to have a greeter like Papa Dave at the door. Kind of like what Wal-Mart wishes it could do." - John Allred, on Dave Watts "The net interprets censorship as damage and routes around it." - John Gilmore -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 1) Using IIS 2) .. therefore, using NT This can be found out through other means though - they're actually running IIS4... therefore NT4 Not necessarily NT4 just because of IIS4 though. That runs on 98 too (yes its PWS but still reports IIS4). If Allaire is running their webservers on a 98 box, I think I'll wet myself laughing... It wouldn't particularlly SURPRISE me, given what I've seen, but it would be dang funny! g Regards, Zac Bedell -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Please use PGP!!! iQA/AwUBOWz5NwraVoMWBwRBEQK1bQCfZ7AgKWgp6SZkM8nS0pF41PRd0vQAn3eo DA20LgjRGGLIqeKsWvbi3ddR =omua -END PGP SIGNATURE- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
CF'ers -- I've paid for entertainment that isn't this good. It would be different if the problem was not chronic and acute (IMHO) Tom At 07:03 PM 7/12/00, you wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 1) Using IIS 2) .. therefore, using NT This can be found out through other means though - they're actually running IIS4... therefore NT4 Not necessarily NT4 just because of IIS4 though. That runs on 98 too (yes its PWS but still reports IIS4). If Allaire is running their webservers on a 98 box, I think I'll wet myself laughing... It wouldn't particularlly SURPRISE me, given what I've seen, but it would be dang funny! g Regards, Zac Bedell -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Please use PGP!!! iQA/AwUBOWz5NwraVoMWBwRBEQK1bQCfZ7AgKWgp6SZkM8nS0pF41PRd0vQAn3eo DA20LgjRGGLIqeKsWvbi3ddR =omua -END PGP SIGNATURE- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
You know what would be really cool?
I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESEARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
My apologies to the list but I'm in a real jovial mood today so couldn't resist the temptation. I think you are experiencing a new custom tag CF_ALLAIRE_FACTORY_FITTED ERROR Kevin Parker Service and Communication WorkCover Corporation [EMAIL PROTECTED] ph: +61 8 82332548 fax: +61 8 82332000 -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 12 July 2000 12:27:PM To: [EMAIL PROTECTED] Subject: You know what would be really cool? I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESEARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. This e-mail is intended for the use of the addressee only. It may contain information that is protected by legislated confidentiality and/or is legally privileged. If you are not the intended recipient you are prohibited from disseminating, distributing or copying this e-mail. Any opinion expressed in this e-mail may not necessarily be that of the WorkCover Corporation of South Australia. Although precautions have been taken, the sender cannot warrant that this e-mail or any files transmitted with it are free of viruses or any other defect. If you have received this e-mail in error, please notify the sender immediately by return e-mail and destroy the original e-mail and any copies. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: You know what would be really cool?
lol, I know I was showing my brother (C++ person) how cool CF was and took him to the Allaire site (Mistake!) to show him some of the Developers Exchange stuff...We did a search and kept getting the same thingHe fell over laughing... -Original Message- From: Sean Renet [mailto:[EMAIL PROTECTED]] I think it would be really cool if you went to Allaire's website, searched for something and didn't get this: Error Diagnostic Information Error occurred in tag CFSEARCH Collection failed to open: AllaireWeb6SiteSearch The error occurred while processing an element with a general identifier of (CFSEARCH), occupying document position (28:1) to (31:57) in the template file D:\WWWROOT\ALLAIREWEB65\CUSTOMTAGSV65\ALLAIREWEB\SITESEARCH\SITESE ARCH.CFM. Date/Time: 07/11/00 22:55:58 Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Remote Address: 63.203.119.82 HTTP Referer: http://www.allaire.com/search/index.cfm How do these guys expect to have people buy into this language when thier own site is constantly breaking? -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.