TallyList : mailing list management, archiving, and analysis

Archive of:
CF-Talk
Cold Fusion - Technical

home
24 hour view
quick stats
weekly updates

all tallylists
corporate solutions
archive your favorite
help / feedback

About Cold Fusion :
product's home
product's list home

Archived TallyList / CF-Talk:
Subject: Re: The +.htr bug strikes again

Greg Wolfinger (191p/+0r) Posted: Thursday 11 Jan 2001
This post: 100 views, +0 rating

You coulda just checked your logs and found their IP address that way too.

--=@ greg @=-- ----- Original Message ----- From: "Brendan Avery" <ba@brendanavery.com> To: "CF-Talk" <cf-talk@houseoffusion.com> Sent: Thursday, January 11, 2001 3:33 PM Subject: RE: The +.htr bug strikes again

> we got hit with an /iisadmpwd/*.htr bug hack a couple of days ago on a > low-security machine. > > "prime suspectz ownz you" hack page. > > but i got their ADSL ip number after emailing them with a web bug. > > eeediots. > > --brendan avery / ba@brendanavery.com > > At 03:14 PM 1/11/2001 -0500, you wrote: > >How does one test to see if the problem has be fixed? > > > >Won > > > >-----Original Message----- > >From: Zachary Bedell [mailto:Aramis@adirondack.net] > >Sent: Thursday, December 21, 2000 10:47 PM > >To: CF-Talk > >Subject: RE: The +.htr bug strikes again > > > > > > > Someone should probably make an official "checklist" > > > to run through when you setup a CF server. > > > >How about these additions to said checklist: > > > >In addition to removing the .htr mapping, also remove the mappings for any > >other extensions that you won't be using on that server. > > > >Like: > >htw -- unless you're using the WebHits highligher > >ida, idq, htr, idc -- unless you're using old-style Index Server access > >asp, cer, cdx, asa -- unless you're also hosting ASP apps on that server > >shtm, shtml, stm -- unless you're using Server Side Include files > >printer -- WTF is this and why did IIS install it for Win2k? > > > >You could probably also yank the dbm extension unless you have REALLY old CF > >code lying around. > > > >Basically your goal is to DISABLE any functionality of your server that > >you're not currently using. The less junk you have running on the server, > >the less chance someone will find a bug in part of the server you didn't > >even know was there. > > > >Granted, there's a fine and arcane art to disabling just the right things > >without breaking any part of your server. You'd be best to play on a > >production server that you can afford to trash & reinstall a few times if > >need be. Certainly, though, deleting extensions for file types not used in > >your sites (or your customer's sites for webhosts) is completely safe and a > >good idea in general. > > > >Best regards, > >Zac Bedell > > >

Similar Subject Line Posts (+/- two weeks of this post)

RE: The +.htr bug strikes again	11 Jan 2001	(109 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001	(287 v/ +2 r)
RE: The +.htr bug strikes again	11 Jan 2001	(91 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001	(99 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001	(106 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001	(97 v/ +0 r)
RE: The +.htr bug strikes again	11 Jan 2001	(110 v/ +0 r)
RE: The +.htr bug strikes again	11 Jan 2001	(96 v/ +0 r)
RE: The +.htr bug strikes again	11 Jan 2001	(94 v/ +0 r)
RE: The +.htr bug strikes again	11 Jan 2001	(93 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001	(91 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001	(108 v/ +0 r)
Re: The +.htr bug strikes again	11 Jan 2001 (this post)	(100 v/ +0 r)

Send a reply to the CF-Talk list!
	NOTE: Many lists will reject your post unless you have already registered with them. Also - don't forget the right account to send from (for those with multiple emails!)