Recycle your Computers & Technology with us.

Potential vulnerability alert for NT servers running IIS!

Posted By : of Data Doctors on December 1, 2000

Follow us on Facebook   Follow us on Twitter   Follow us on LinkedIn

Let Data Doctors be your personal IT department today

Potential vulnerability alert for NT servers running IIS!

This question was answered on December 1, 2000. Much of the information contained herein may have changed since posting.

I've run into several customers who's NT machines have been used as anonymous FTP servers allowing anyone on the internet to download pirated software from their machines without their knowlege Once someone has put those files on such a machine, he/she advertises this fact to 500 of their closest friends and voila, your connection to the internet is completely clogged by these requests If you meet the following criteria, you might be next !

1 You have a dedicated, high speed connection to the internet via leased line (Frame-Relay, etc), DSL or cable modem.

2 You have IIS installed and it allows anonymous FTP access (which is the default setting!).

3 Your file permissions are such that anonymous FTP users can create and write files on your hard drive Simply put, anyone can put anything they want on your system.

The one common denominator in this sort of compromise is the existance of a file called 1MB or 1mb which is exactly 1000000 bytes This apparently is installed to determine whether or not your connection is fast enough to make you a suitable victim.

The bottom line is, don't allow anonymous FTP on IIS servers!

Lee Burton

Extreme Internet

<a href=""><font color="#003399"></font></a>

About the author

Posted by of Data Doctors on December 1, 2000

Need Help with this Issue?

We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!