Steve Schofield Weblog
Windows Server MVP - IIS
Sign in
|
Join
Home
Contact
About
RSS
Atom
Comments RSS
Search
Tags
.NET
Access2007
ajax
appcmd
ASP
ASP.NET
Certification
Classic ASP
debugging
Exchange
Exchange2007
FTP
grdotnet
Homer
HyperV
IDS
IIS
IISLogs
Image Burner
localhost
Log Analysis
Logparser
Longhorn
Manage IISLogs
perl
PHP
powershell
Scripting
Sharepoint
SimpleCMS
SMS
SMTP
SQL
sql injection
SQL Perfmon counters
Troubleshooting
UNC
VBS
Vista
Volume Licensing
WAST
WDS
WebDAV
WinDBG
Windows Services
WMI
Zune
News
Navigation
Home
Blogs
Archives
October 2008 (5)
September 2008 (4)
August 2008 (5)
July 2008 (6)
June 2008 (7)
May 2008 (16)
April 2008 (4)
March 2008 (6)
February 2008 (5)
January 2008 (9)
December 2007 (8)
November 2007 (3)
October 2007 (5)
September 2007 (6)
August 2007 (7)
July 2007 (11)
June 2007 (11)
May 2007 (8)
April 2007 (9)
March 2007 (12)
February 2007 (6)
January 2007 (13)
December 2006 (13)
November 2006 (7)
October 2006 (15)
September 2006 (13)
August 2006 (8)
July 2006 (7)
June 2006 (10)
May 2006 (4)
April 2006 (2)
March 2006 (5)
January 2006 (1)
December 2005 (2)
September 2005 (1)
October 2004 (2)
August 2004 (1)
July 2004 (1)
June 2004 (1)
May 2004 (1)
April 2004 (4)
March 2004 (2)
January 2004 (4)
Blogs
Scott Guthrie
David Penton
Kristofer Gafvert
Brett Hill
David Wang
Ken Schaefer
Chris Crowe
Chris Adams
Steve Smith (ASPAlliance guru!)
Bernard Cheah
IIS Team blogs
Mike Volodarsky
Bill Staples
David Wang #2
Hoster Poser
Hosting Needs
ORCSWeb, Inc
Misc components
IISLogs - #1 component for managing log files
Misc Links
SecurityFocus
Nessus network scanner
IISLists
IISToolbox by Tom K (IIS MVP)
IIS-Digest
IIS-Resources
IIS.net
June 2008 - Posts
0
Comments
SQL Injection rule explanation how URLScan 3.0 scans requests
by
steve schofield
One of the things I was curious what URLScan actually scanned and how. What is just servervariables or what?! I asked Wade H from the IIS Team for further explaination. It is good to be aware when you are implementing URLScan 3.0 and sql injection rules...
Filed under:
IIS
,
sql injection
0
Comments
Tool to help detect SQL Injection
by
steve schofield
Here is a tool to help detect sql injections. You have to sign-up for the free tool, but it's worth it. http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/23/finding-sql-injection-with-scrawlr.aspx Hope this helps
Filed under:
sql injection
1
Comments
URLScan 3.0 - help with sql injection attacks.
by
steve schofield
For those supporting a Classic ASP and ASP.NET application, you probably have noticed an increase in sql injection attempts. Microsoft has released an updated URLScan 3.0. Here is the link to download URlScan version 3 beta for 32 bit or 64 bit . You...
Filed under:
IIS
,
sql injection
3
Comments
SQL Injection information for IIS admins and developers
by
steve schofield
The sql injection that has came up is affecting several ASP and ASP.NET applications. Although the only way to prevent an attack is validate the code, hopefully these posts will provide some direction. I included some links that discuss this more. http...
Filed under:
IIS
,
sql injection
0
Comments
Powershell 2.0
by
steve schofield
I''ve tried really hard to get excited about Powershell 1.0, it just hasn't stuck. Am I the only one?! :) However, (yes there is a however). The great thing about software, there is a 2.0 release sooner or later. I've made the committment to learn Powershell...
Filed under:
powershell
0
Comments
SMTP links for IIS
by
steve schofield
I was answering a question @ http://forums.iis.net on SMTP scripting. I ran across a couple links I wanted to share. Programatically configure SMTP service on IIS to route mails to a domain http://blogs.msdn.com/mahjayar/archive/2004/11/08/254202.aspx...
Filed under:
SMTP
1
Comments
IIS7 - post #69 - Remember to disable SSL 2.0
by
steve schofield
I'm not certain why SSL 2.0 isn't disabled on Windows Server 2008 by default, but here is the KB article to remember to do that on your system. http://support.microsoft.com/kb/187498 How to test if you accept SSL 2.0 using IE is go to Internet options...
More Posts