Question
Potential vulnerability alert for NT servers running IIS!
|
Potential vulnerability alert for NT servers running IIS!
AnswerThis question was answered on December 1, 2000. Much of the information contained herein may have changed since posting. I've run into several customers who's NT machines have been used as anonymous FTP servers allowing anyone on the internet to download pirated software from their machines without their knowlege. Once someone has put those files on such a machine, he/she advertises this fact to 500 of their closest friends and voila, your connection to the internet is completely clogged by these requests. If you meet the following criteria, you might be next ! 1. You have a dedicated, high speed connection to the internet via leased line (Frame-Relay, etc), DSL or cable modem. 2. You have IIS installed and it allows anonymous FTP access (which is the default setting!). 3. Your file permissions are such that anonymous FTP users can create and write files on your hard drive. Simply put, anyone can put anything they want on your system. The one common denominator in this sort of compromise is the existance of a file called 1MB or 1mb which is exactly 1000000 bytes. This apparently is installed to determine whether or not your connection is fast enough to make you a suitable victim. The bottom line is, don't allow anonymous FTP on IIS servers! Lee Burton Extreme Internet <a href="http://www.extremezone.com"><font color="#003399">www.extremezone.com</font></a>
AuthorPosted by Ken of Data Doctors on December 1, 2000
|
Privacy PolicySite contents © 1988-2008 by Data Doctors Franchise Systems Inc. All rights reserved. | 
Sitemap