Pages: 1/1 First page 1 Final page [ View by Articles | List ]
这个漏洞很强大...值得关注··因为是 Remote 的··危害还是很严重···
附EXP:
Tags: , , , ,

配置IIS蜜罐抵御黑客攻击

  [晴 July 20, 2008 00:09 | by !4p47hy ]
来源:51CTO
据有关资料显示,现在有大量的服务器仍在使用IIS提供Web服务,甚至有争夺占领Apache市场的趋势。在Web威胁日益严重的今天,我们当然要采用反病毒、防火墙、UTM、NAC等手段来加强网络安全。但是,有时正确地建设一个蜜罐也是对付黑客的必需任务。

IIS_AD IIS扩展源代码

  [多云 May 3, 2008 10:45 | by ]
来源:安全警戒线论坛
用于向网页中插入代码,支持iframe以及script 标签。
原本这程序是别人定做的,因为交易方式的分歧,闹的不惶而散。看到群里有人不知道在那弄到的,当成宝贝是的,既然没交易,就发出来吧。原本人家是用来挂广告的,让有心人用来挂马用了。原理很简单,就是在IIS应用程序池isapi,特点是解决了win2003假死问题,缩短IIS应用池回收时间。
Tags: , , ,

Exploiting IIS via HTMLEncode (MS08-006)

  [晴 February 15, 2008 11:39 | by ]
The second Tuesday of every month is a busy time at BreakingPoint; myself and the rest of the security team stop what we are doing and focus entirely on the patches released by Microsoft. Using IDA Pro in conjunction with BinDiff, we compare the existing files with their patched versions and review the differences. This month, Microsoft released patches for seventeen individual vulnerabilities split into eleven different bulletins. Two of these were denial of service flaws, one was a local privilege

IIS与SQL服务器安全加固详解

  [多云 November 5, 2007 11:38 | by ]
IIS Web服务器安全加固步骤:
  
  步骤 安装和配置 Windows Server 2003。
  
  注意:
  1.将\System32\cmd.exe转移到其他目录或更名;
Tags: , , ,
Pages: 1/1 First page 1 Final page [ View by Articles | List ]