IIS Server Security - Re: Virus in IFRAME injected into our ASP pages (downloader trojan on client)

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > December 2006 > Re: Virus in IFRAME injected into our ASP pages (downloader trojan on client)





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: Virus in IFRAME injected into our ASP pages (downloader trojan on client)
Leythos

2006-12-11, 1:18 pm

In article <1165843984.956869.252350@16g2000cwy.googlegroups.com>,
dcote@dgmdata.com says...
> We had to reinstall IIS on the server and it did the trick.

I don't think so, sure it got it working again, but, reinstalling IIS
does not resolve the root cause.

> By the way, we tried windows defender and windows removing tools, both
> didn't found anything. And after our tests, IIS was really compromise.
> Any website running asp or aspx pages inject the iframe code. The hack
> seems to have been at the core of IIS. ASAPI filter desactivation
> didn't do the trick.

Windows Defender is worthless and unless you setup your server properly
it will happen again. I've had hundreds of IIS based webservers online
since the late days of NT4 and never had one compromised. You need to
properly configured and properly firewall your server, and you need to
properly code sites so that you don't expose your site to exploits in
website code.

>
> Any idea anyone what it was?

No, but you might be able to find information on google.com

--

spam999free@rrohio.com
remove 999 in order to email me
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com