r 09, 2001 6:16 PM
Subject: RE: Location of web root
> You couldn't use posix because you would have removed all reference to
POSIX
> when locking down IIS
>
> -Original Message-
> From: Rj Subramanian [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 08, 2001 7:50
x box anyway! :)
-Original Message-
From: Rj Subramanian [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 08, 2001 6:50 PM
To: [EMAIL PROTECTED]
Subject: RE: Location of web root
Hey all,
Directory traversals are one thing, but can anybody think of any reason why
an attacker couldn'
You couldn't use posix because you would have removed all reference to POSIX
when locking down IIS
-Original Message-
From: Rj Subramanian [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 08, 2001 7:50 PM
To: [EMAIL PROTECTED]
Subject: RE: Location of web root
Hey all,
Dire
50 AM
To: [EMAIL PROTECTED]
Subject: RE: Location of web root
Hey all,
Directory traversals are one thing, but can anybody think of any reason why
an attacker couldn't use the posix subsystem to navigate to whichever
drive\partition\directory he or she wanted to test?
Rj Subramanian
All the recommendations on moving the web root to another drive are
valid and correct. In fact, as Stefan Osterlitz points out, changing
the default names and locations for as much of the system hierarchy as
possible will enhance security.
In particular, if the utmost security is necessary, I re
ailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 06, 2001 4:46 AM
To: [EMAIL PROTECTED]
Subject: RE: Location of web root
The first major points about placing the wwwroot in a non-standard location
is for the Directory Traversal exploit as you've brought up already. Many
exploits will either rely o
On Fri, 2001-11-02 at 00:36, Daymon McCartney wrote:
> I'm trying to articulate the reasons why it's better to place the root of a
> website on a separate partition, or at least in a separate directory from
> the application which uses IIS as a front-end...
I'm new around here, so maybe I'm off
parate
drive or partition since you cannot change drives only move up/down the
dir structure.
-Original Message-
From: Daymon McCartney [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 02, 2001 12:37 AM
To: [EMAIL PROTECTED]
Subject: Location of web root
OK Everyone, I need some help!
al Message-
From: Mike Joffe [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 06, 2001 2:01 AM
To: '[EMAIL PROTECTED]'
Subject: RE: Location of web root
Daymon,
Paranoia in the wake of Nimda and Code Red is hardly a bad thing, and I'd
look at this question primarily from a security po
> Unfortunately, everyone thinks I'm crazy and cannot see the
> impact that the
> placement of the root folder may have. What sort of concrete
> evidence is
> out there for me to use to support my case? ...Or am I just being
too
> paranoid about the placement of the root folder?!?
Most attacks
McCartney [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 02, 2001 7:37 AM
To: [EMAIL PROTECTED]
Subject: Location of web root
OK Everyone, I need some help!
I'm trying to articulate the reasons why it's better to place the root
of a
website on a separate partition, or at least in a separate
Greetz,
I have a spyware program sending something to some http server somewhere on
some machine here. I would like to find out what it's posting to that
server. Is there a util somewhere that I can use for this. Something that
will sort of work like this:
1. I will put in my hosts file an ip addr
12 matches
Mail list logo