1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IIS vs Google

Discussion in 'Computer Security' started by Fergal1982, Dec 16, 2005.

  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    Reading through this first steps book in security by cisco, and they made an interesting point.

    Go to google and typ in "welcome to IIS 4.0" the result numbers are staggering. and just think that most of these hits are servers running IIS. No idea about the details of IIS, but if you can i think it would be a good idea to disable this feature of it, as the book puts it, its like an all night buffet!!!

    Just thought you guys would be interested.

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  2. zimbo
    Honorary Member

    zimbo Petabyte Poster

    5,215
    98
    181
    i got a few questions mate...are you using this book as an introduction to computer security Eg is it your first taste of security? If so how is it going so far?

    Second what you mean google "welcome to IIS"? i got about 700 000 hits!
     
    Certifications: B.Sc, MCDST & MCSA
    WIP: M.Sc - Computer Forensics
  3. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,871
    167
    256
    Fergal I think the Welcome to IIS4 or 5 are the default web pages that come with IIS. Clearly these should be disabled but they haven't for some reason. Or maybe they are cached google hits from when the servers were initially being tested.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  4. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    810
    0
    39
  5. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    its likely that these just havent been disabled, but it essentially gives a hacker your servers address, and gives them a decent lead on whats being run on the system. Just figured that i might mention it for anyone interested (never know, someone may have a system doing this).

    Zimbo, if reading this as an introduction. To be honest i havent got too far into it yet, but it seems fairly interesting. Started off with talking about the weakest link - people. and talked through a typical hackers sequence of events in an attack.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  6. dotnetms

    dotnetms Bit Poster

    17
    0
    2
    Have never found IIS reliable :P
     

Share This Page

Loading...