Credit:
More information on the tool is available at http://www.microsoft.com/technet/security/URLScan.asp
The tool can be downloaded directly from
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32571
A new security tool for IIS has been released. The tool is called URLScan, and can be used on web servers running IIS 4.0, 5.0 or 5.1. It is a great complement to the IIS Lockdown tool that Microsoft released two weeks ago, but whereas IIS Lockdown ensures that a web server is configured for secure operation, URLScan protects the server while it's in operation.
Most attacks against web servers involve the use of a request that is unusual in some sense. It might be extremely long, contain special characters, use an alternate character set, and so forth. URLScan protects a server by giving the administrator a way to prevent such requests from reaching the server. When installed and running, URLScan intercepts all incoming requests, compares them to a ruleset, and drops them if they do not meet the specifications of the ruleset.
The tool comes with a default ruleset that is appropriate for most servers, and the ruleset can be customized to meet the needs of a particular web server. (Microsoft recommends that the tool be used by experienced web administrators, because restrictions that are set too tightly could interfere with normal operation of the server.)
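A simplified model of the intercept, compare, drop flow described above, added here as an illustration; it is not URLScan's code. The ruleset keys, limits and sample requests are constructed for the example.

```python
from urllib.parse import unquote

# Hypothetical ruleset for this sketch; these keys are not URLScan's settings.
RULESET = {
    "allow_verbs": {"GET", "HEAD", "POST"},
    "max_url_length": 260,
    "deny_sequences": ["..", "./", "\\", ":", "%"],
    "allow_high_bit": False,
}

def check_request(verb, raw_url, rules=RULESET):
    """Return (allowed, reason) for one request; the first failed rule wins."""
    if verb.upper() not in rules["allow_verbs"]:
        return False, "verb not allowed"
    if len(raw_url) > rules["max_url_length"]:
        return False, "URL too long"
    # Scan the path only, decoded once so escapes cannot hide a sequence.
    path = unquote(raw_url.split("?", 1)[0], encoding="latin-1")
    # A second decode that changes the path means it was double-encoded.
    if unquote(path, encoding="latin-1") != path:
        return False, "double-encoded URL"
    if not rules["allow_high_bit"] and any(ord(c) > 0x7F for c in path):
        return False, "high-bit character"
    for seq in rules["deny_sequences"]:
        if seq in path:
            return False, "denied sequence " + repr(seq)
    return True, "ok"

# Constructed sample requests, one per kind of "unusual" request.
SAMPLES = [
    ("GET", "/index.html"),
    ("TRACE", "/index.html"),
    ("GET", "/" + "A" * 300),
    ("GET", "/scripts/..%2f../x"),
    ("GET", "/scripts/..%255c../x"),
    ("GET", "/a%c0%afb"),
]

if __name__ == "__main__":
    for verb, url in SAMPLES:
        print(verb, url[:40], "->", check_request(verb, url))
```

Tightening `deny_sequences` or `max_url_length` further shows the trade-off noted above: a rule such as denying `.` outright would also reject `/index.html`.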