Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IWAM: Writing temp files to \winnt\temp

from [Joey Peloquin] Network Security [Permanent Link]
Subject: Re: IWAM: Writing temp files to \winnt\temp
Date: Sat, 21 Aug 2004 17:05:04 -0500
Dinis Cruz wrote: 
Hello Joey

It is refreshing to hear somebody worrying about those issues (btw what is
being written to the c:\winnt\temp folder?).

Many thanks to all who replied. In the end we consulted with our MSFT Security Strategist (misnomer?), and he relayed their only concern with IWAM and ASPNET having permissions to \winnt\temp was to ensure that Execute was not given. They look at ASPNET/IWAM writing and reading \winnt\temp as "scratching on a notepad".

Though not totally convinced it's safe, I'll keep an eye on it and allow it for now ;)

Cheers,
Joey

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
-------------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: IWAM: Writing temp files to \winnt\temp, Joey Peloquin <=
Previous by Date:  Re: Ethereal Crashing on WinXP, A. Ramos
Next by Date:  Re: Phishing toolkit, Todd Burroughs
Previous by Thread:  password keeper, Juan B
Next by Thread:  interesting wireless card and linux issue, charles . tendell
Indexes:  [Date] [Thread] [Top] [All Lists]