Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Some Few Doubts on IIS Vuln

from [kaps lock] Network Security [Permanent Link]
Subject: Some Few Doubts on IIS Vuln
Date: Mon, 31 Jan 2005 09:29:26 -0800 (PST) 

hi all,
I did a VA scan using nESSUS and was need help in the
analysis part of it and inturn learn more :

1).IDA ISAPI filter mapped
   What does mapped means?Could anyone tell me what
exactly this filter is used for and what is a .ida
extension ,i mean i know code red and all but still
wud like to know what is the function of this filter
and wht a .ida extension is ?an example string ....if
anyone knows to test this vuln on server tht i cud use
as a manual penetration tsting tip?

2)if i find a server on which u can successfull upload
and delete a file say test.html with PUT and
DELETE.How could i manually actually do this on the
server ,basically how to craft that attack or how to
go about it.

3)The mail server on a specially crafted GET request
reveals the authentication mechanism??
What reuqest by Nessus made this conclusion?any tips

4)too many arguements on the ACCEPT command can crash
the server..now this is surely a false positive but i
cud i make it for sure?

thanks all...              


                
__________________________________ 
Do you Yahoo!? 
Take Yahoo! Mail with you! Get it on your mobile phone. 
http://mobile.yahoo.com/maildemo
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: RPC over HTTP security, Paris E. Stone
Next by Date:  RE: RPC over HTTP security, Depp, Dennis M.
Previous by Thread:  Re: Exchange <--> Outlook Monitoring, Steve
Next by Thread:  RE: Exchange <--> Outlook Monitoring, Eric McCarty
Indexes:  [Date] [Thread] [Top] [All Lists]