Penetration Testing mailing list archives

Re: Auditing microsoft IIS 5/6.0

From: Slim Pickens <slim.pkns () gmail com>
Date: Wed, 29 Aug 2007 13:31:18 -0500

You might start with the Center for Internet Security benchmarks (CIS).

On Aug 28, 2007, at 10:20 AM, Nikolaj <lorddoskias () gmail com> wrote:

What do you think should be checked when audition MS IIS 5/6.0installation? Any tips would be helpful.
------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Auditing microsoft IIS 5/6.0 Nikolaj (Aug 28)
- Re: Auditing microsoft IIS 5/6.0 Nikhil Wagholikar (Aug 28)
  - Penetration tester or Ethical hacker future? IRM (Aug 29)
    - Re: Penetration tester or Ethical hacker future? David Jacoby (Aug 30)
    - RE: Penetration tester or Ethical hacker future? Paul Melson (Aug 30)
    - Re: Penetration tester or Ethical hacker future? Nikos Tsagarakis (Aug 31)
    - RE: Penetration tester or Ethical hacker future? Paul Melson (Aug 31)
  - Re: Auditing microsoft IIS 5/6.0 rajat swarup (Aug 29)
- Re: Auditing microsoft IIS 5/6.0 Slim Pickens (Aug 29)
  - Re: Auditing microsoft IIS 5/6.0 Ivan . (Aug 30)
    - Re: MS Access injection Gichuki. John (Aug 30)