Re: iis scanning

From: Patrick Oonk (patrickat_private)
Date: Tue Jul 03 2001 - 04:03:51 PDT

  • Next message: Markus Kern: "Re: Why would someone DoS a free-lance writer?"

    On Mon, Jul 02, 2001 at 03:09:27PM -0400, Jordan K Wiens wrote:
    > Anyone seen an iis scan that attempts to access boo.bat among other
    > requests along with directory traversal attempts?  I found the source of
    > the script on the web but no mention is made of what boo.bat is included
    > for.  Anyone know what this is?
    > 
    > http://www.securityfocus.com/tools/2060
    > 
    
    Arirang (http://www.monkey.org/~pilot/arirang/) does a pretty good
    job in identifying potentiel IIS installtion risks.
    
    -- 
     Patrick Oonk - PO1-6BONE - E: patrickat_private - www.pine.nl/~patrick
     Pine Internet  -  PAT31337-RIPE  -   Hushmail: p.oonkat_private
     T: +31-70-3111010  -   F: +31-70-3111011   -  http://security.nl
     PGPID 155C3934 fp DD29 1787 8F49 51B8 4FDF  2F64 A65C 42AE 155C 3934
     Excuse of the day: nesting roaches shorted out the ether cable
    
    
    ----------------------------------------------------------------------------
    
    
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:
    
    http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 07:23:54 PDT