IIS vs Google

Fergal1982 · Dec 16, 2005

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Reading through this first steps book in security by cisco, and they made an interesting point.

Go to google and typ in "welcome to IIS 4.0" the result numbers are staggering. and just think that most of these hits are servers running IIS. No idea about the details of IIS, but if you can i think it would be a good idea to disable this feature of it, as the book puts it, its like an all night buffet!!!

Just thought you guys would be interested.

Fergal

zimbo · Dec 16, 2005

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

i got a few questions mate...are you using this book as an introduction to computer security Eg is it your first taste of security? If so how is it going so far?

Second what you mean google "welcome to IIS"? i got about 700 000 hits!

Bluerinse · Dec 16, 2005

Fergal1982 said:

Reading through this first steps book in security by cisco, and they made an interesting point.

Go to google and typ in "welcome to IIS 4.0" the result numbers are staggering. and just think that most of these hits are servers running IIS. No idea about the details of IIS, but if you can i think it would be a good idea to disable this feature of it, as the book puts it, its like an all night buffet!!!

Just thought you guys would be interested.

Fergal
Click to expand...

Fergal I think the Welcome to IIS4 or 5 are the default web pages that come with IIS. Clearly these should be disabled but they haven't for some reason. Or maybe they are cached google hits from when the servers were initially being tested.

d-Faktor · Dec 16, 2005

check http://johnny.ihackstuff.com/index.php?module=prodreviews for hundreds of other google exposed vulnerabilities.

Fergal1982 · Dec 17, 2005

its likely that these just havent been disabled, but it essentially gives a hacker your servers address, and gives them a decent lead on whats being run on the system. Just figured that i might mention it for anyone interested (never know, someone may have a system doing this).

Zimbo, if reading this as an introduction. To be honest i havent got too far into it yet, but it seems fairly interesting. Started off with talking about the weakest link - people. and talked through a typical hackers sequence of events in an attack.

dotnetms · Mar 22, 2006

Have never found IIS reliable :P

Log in or Sign up

IIS vs Google

Fergal1982 Petabyte Poster

zimbo Petabyte Poster

Bluerinse Exabyte Poster

d-Faktor R.I.P - gone but never forgotten.

Fergal1982 Petabyte Poster

dotnetms Bit Poster

Share This Page

Navigation

Popular Forums

Useful Links

Log in or Sign up

IIS vs Google

Fergal1982 Petabyte Poster

zimbo Petabyte Poster

Bluerinse Exabyte Poster

d-Faktor R.I.P - gone but never forgotten.

Fergal1982 Petabyte Poster

dotnetms Bit Poster

Share This Page

Useful Searches