You probably want to read the Microsoft documentation on how to lockdown
the server extensions
(http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/sharepnt/maintain/security/stssecur.asp).
This link is actually for SharePoint Team Services but almost everything
also app
Looks as if someone was using your server as a pub
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 26, 2001 6:42 PM
To: [EMAIL PROTECTED]
Subject: FTP Vulnerability via Front Page Extensions?
I am running W2kserver and IIS 5.0 with Front Pag
Rob
These are commonly known in the warez community as "pubs", and you were NOT
hacked into, by default it seems that the hidden FPX directories are writeable
by anonymous through ftp, and are invisible to the unsuspecting user who
doesn't have "show hidden files enabled" disable anonymous ac
Yes, the Frontpage extensions are mostly insecure and have many patches
for various problems.
Why donèt you create accounts for each of your friends? That way they
can login without enabling anonymous access.
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Se
I cut and pasted this from the ISS Xforce website http://www.iss.net/xforce
frontpage-pwd-users (3392) Low Risk
FrontPage Extensions users.pwd file could reveal encrypted passwords
Description:
Microsoft FrontPage Extensions creates a file users.pwd inside the _vti_pvt
directory in the HTT
Message -
From: "Jean-François Asselin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, November 28, 2001 8:59 AM
Subject: RE: FTP Vulnerability via Front Page Extensions?
> Yes, the Frontpage extensions are mostly insecure and
