[Dshield] re: Okay, I'm stumped.

Preston G. Simpson preston.simpson at sfrlaw.com
Thu May 9 13:41:19 GMT 2002


	Niel van Niekirk wrote:

> You should be extremely worried about those "200" responses 
> your server gives, this indicates success and that your server > is
vulnerable to those specific variants of the traversal... If > there isn't
some other reason you can explain for the 200's 
> take that machine down, rebuild it (1st prize) or give it a 
> *thourough* check (2nd prize) and secure it before you bring it
> back up!

	Time for me to pull out the rest of the strangeness:
	The webserver in question is a *nix box. I'm not sure what flavor yet,
since I just recently inherited this and the box itself is hosted
elsewhere.

	Thanks for the analysis. It's much appreciated, and I'd be
interested to know anybody else's thoughts on this.

--Preston G. Simpson
  IS Services
  preston.simpson at sfrlaw.com




More information about the list mailing list