[Intrusions] Would IIS auth prevent buffer overflow attacks

Bob Auger bauger at spidynamics.com
Thu Aug 25 14:59:55 GMT 2005


There have been many instances of overflows/other security issues
happening before the authentication state. Implementing authentication
on IIS *might* prevent an overflow in a component that isn't accessible
without first being authenticated, but it isn't a silver bullet against
all security issues.
If possible, though, it is always a good idea to limit your attack
surface.

- Robert Auger

 

-----Original Message-----
From: intrusions-bounces at lists.sans.org
[mailto:intrusions-bounces at lists.sans.org] On Behalf Of Wes Young
Sent: Thursday, August 25, 2005 7:48 AM
To: Intrusions List (GCIA Practicals)
Subject: Re: [Intrusions] Would IIS auth prevent buffer overflow attacks

sure... unless the authentication mechanism was flawed and exploited (as
it was in June of 2004).

Something you actually tend to see a lot more of as this year goes on.

Stephen Shepherd wrote:
> If IIS authentication were enabled on a web server would it prevent 
> buffer overflow attacks unless the attacker had valid credentials?
>  
> I would think that the web server would not process the initial get 
> request until it had successfully authenticated the client??
>  
> Just curious if this would add any protection to a www site..
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
> 
> 

--
Wes Young
Network Security Analyst
University at Buffalo
--
My Security Blog: http://tinyurl.com/9av4k
RSS: http://tinyurl.com/ceopv
My Life: http://tinyurl.com/l18g