IIS Lockdown and Urlscan

by Nishchal Bhalla and Rohyt Belani
Sept. 25, 2017 1 comment Symantec Pen Testing & Audits IISlockdown Urlscan

The security posture of a web application can be severely undermined if the underlying web server software is vulnerable. The web server software is the most visible and easy to exploit part of a web application. Even if the web application itself is impregnable it can be subject to serious security breaches if the underlying web server platform is insecure. As one of the more widely deployed web servers, Microsoft's IIS has been a frequent target for attackers over the last few years. It has been beleaguered by vulnerabilities such as source code disclosure attacks like $DATA, information exposures through sample scripts like showcode.asp, and easily exploited buffer overflow vulnerabilities which have fueled Internet-borne worms like Code Red and NIMDA. Such attacks emphasize the importance of web server security and more specifically IIS security. This article discusses two important vendor-provided tools (IIS Lockdown and Urlscan).


2flash 4 months, 3 weeks ago

Well-researched but not that well written... the language is quite tangled and you have to pay extra attention in order to understand what the author really meant.