WebApp Sec mailing list archives
Re: ISAPI Mappings on IIS?
From: "Mark G. Spencer" <mspencer () evidentdata com>
Date: Sun, 9 Nov 2003 16:08:23 -0800
Hi Jeffory, I sure did .. I built a test Win2K Professional machine running IIS 5.0. I get false positives on the ISAPI filters with both Kavado ScanDo and Nikto. There are no ISAPI mappings set, period. Unfortunately I'm not much of a coder, so I don't know exactly how the detection stuff works and why the false positives are being generated. Mark
------------Original Message------------ From: "jatkinson" <jatkinson () zelvin com> To: "Mark G. Spencer" <mspencer () evidentdata com> Date: Thu, Nov-6-2003 10:28 PM Subject: Re: ISAPI Mappings on IIS? I understand that the tools are reporting it but did you manually verify? Jeffory ----- Original Message ----- From: "Mark G. Spencer" <mspencer () evidentdata com> To: <webappsec () securityfocus com> Sent: Thursday, November 06, 2003 5:22 PM Subject: ISAPI Mappings on IIS?Some of my web guys have sworn that they have disabled and/or removed theISAPI mappings on IIS servers, yet ISAPI warnings (.htw, .printer, etc.) continue to show up when running Nessus, Nikto, or Kavado ScanDo against their IIS servers.Any thoughts on this? Maybe these ISAPI settings need to be killedsomewhere outside of the administrative IIS screens?Mark
Current thread:
- ISAPI Mappings on IIS? Mark G. Spencer (Nov 06)
- <Possible follow-ups>
- Re: ISAPI Mappings on IIS? Mark G. Spencer (Nov 11)