Re: [OT] IIS security

From: James Reather (james.news_at_reather.com)
Date: 05/25/04

• Next message: David Copeland [MSFT]: "Re: Secondary DNS doesn't kick in ...."
• Previous message: Matt Gibson: "Re: [OT] IIS security"
• In reply to: Matt Gibson: "Re: [OT] IIS security"
• Next in thread: Matt Gibson: "Re: [OT] IIS security"
• Reply: Matt Gibson: "Re: [OT] IIS security"
• Messages sorted by: [ date ] [ thread ]

---

Date: Tue, 25 May 2004 23:44:25 +0200

"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:O6zhZ%23pQEHA.3012@TK2MSFTNGP09.phx.gbl...
> *Raises Hand*
>
> Notice how it says they were attacked?

Where does it say that?

> Through a web based administration
> page, and then using SQL injection.
>
> That's got no effect on IIS security.

"No effect" ...err... <shakes head> I suppose that insecure "web based
administration page" was running on a rogue Apache server, was it? ;-)
Better still, perhaps the SQL database in question was actually MySQL? :-)
:-)

I suppose we could sum it up like this: if Microsoft's MSPress division
can't keep their IIS servers secure, what makes you think *you're* so much
more capable? Better be sure of yourself before you stick your head above
the parapet...

James

---

• Next message: David Copeland [MSFT]: "Re: Secondary DNS doesn't kick in ...."
• Previous message: Matt Gibson: "Re: [OT] IIS security"
• In reply to: Matt Gibson: "Re: [OT] IIS security"
• Next in thread: Matt Gibson: "Re: [OT] IIS security"
• Reply: Matt Gibson: "Re: [OT] IIS security"
• Messages sorted by: [ date ] [ thread ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)