Fwd: RE: SecureIIS - From the Focus-MS list...

From: Jon Zobrist (kgbat_private)
Date: Wed Aug 01 2001 - 08:28:44 PDT

Next message: Stanley G. Bubrouski: "Re: KaZaA + Morpheus sharing files"

Previous message: Hackemate.com.ar: "Re: KaZaA + Morpheus sharing files"
Next in thread: Riley Hassell: "Re: RE: SecureIIS - From the Focus-MS list..."
Reply: Riley Hassell: "Re: RE: SecureIIS - From the Focus-MS list..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

FYI..
This message was posted to focus-ms, sounds like a possible exploit/DoS that 
would affect SecureIIS systems with FrontPage enabled...

----------  Forwarded Message  ----------
Subject: RE: SecureIIS
Date: Mon, 30 Jul 2001 16:19:08 -0400
From: Aaron Dokey <adokeyat_private>
To: "'focus-msat_private'" <focus-msat_private>

I'm in the process of evaluating the product, and my web people (no matter
how hard I try) still use FrontPage 2000 to publish.  I've managed to get
publishing working OK, but when someone publishes a semi-large file (e.g. a
6MB access database) the size of my IIS process balloons until it takes up
all available memory and eventually renders the box useless until IIS is
restarted.  On the client end FP just seems to stick on the file until the
server disconnects (from running out of memory).  I've enabled FrontPage
extensions in SecureIIS as well as disabled everything having to do with the
POST method.

I've replicated this problem on two machines, both running WinNT 4.0 SP6a
and the latest IIS hotfixes.

I sent email to eEye early last week about this problem, and if any of you
have encountered a similar problem and the solution I'd be happy to know.
I'd like to purchase the product, but I can't run something that has this
effect on my web cluster (obviously).

-Aaron

-----Original Message-----
From: p_jenkinsat_private [mailto:p_jenkinsat_private]
Sent: Sunday, July 29, 2001 5:20 PM
To: Matt.Bartelat_private; focus-msat_private
Subject: Re: SecureIIS

I have yet to see any published reviews yet but speaking from my own
experiences i have been happy with it. I had some problems with FrontPage
and Outlook Web Access but the lastest version corrected all the problems I
was having.

Cheers.

P Jenkins

At Fri, 27 Jul 2001 10:26:31 -0500, "Bartel, Matt" <Matt.Bartelat_private>

wrote:
>How widely used in the industry is SecureIIS by eEye?
>(http://www.secureiis.com/html/Products/SecureIIS/index.html)
>
>I am thinking of testing this out, and was curious as to whether there were
>recommendations, suggestions, reviews or otherwise that would help guide my
>decision.  Any opinions, facts, links or otherwise would be appreciated.
>
>Thank you!
>-Matt

Free, secure Web-based email, now OpenPGP compliant - www.hushmail.com

-------------------------------------------------------

Next message: Stanley G. Bubrouski: "Re: KaZaA + Morpheus sharing files"
Previous message: Hackemate.com.ar: "Re: KaZaA + Morpheus sharing files"
Next in thread: Riley Hassell: "Re: RE: SecureIIS - From the Focus-MS list..."
Reply: Riley Hassell: "Re: RE: SecureIIS - From the Focus-MS list..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 09:29:04 PDT