WebApp Sec mailing list archives
bad url fragment
From: <development () crm20 com>
Date: Wed, 3 Aug 2005 10:45:27 -0400
Hi,I have a little list of url fragments that should not normally be accessed on the web server and are not in use, I have a mechanism in place that can block the ip requesting the url with a fragment from the list.
Could someone help me with possibly removing some of the entries that might cause a legitimate request to trigger the block.
If possible, please help me improve the list, is there any resource out there where such lists are posted?
here it is: % .. ./ .asa .asax .ascx .bat .cdx .cer .cgi .cmd .config .csproj .dat .dll .exe .htr .htw .ida .idc .idq .inc .ini .jsp .licx .log .pdb .pl .pol .printer .resources .resx .stm .vb .vbproj .vbs .vsdisco .webinfo .wsh .xsd .xsx /_vti_bin/ /admentor/ /Admin.dll /ash /autoexec /bash /bigipgui /bin/ /c32web.exe /cachemgr /campas /cgi/ /cgiemail/ /cgiscso/ /cmd /command.com /common/ /config/ /copy/ /counter/ /csh /default.ida /del /dir /echo /etc /exchange /exec /finger /format /formmail /ftp /get32.exe /global.asa /gwweb.exe /home /html /http /iisadmpwd /iissamples /iisstart.asp /index.cfm /ksh /modules.php /msadc /mysql.class /ncbook /nessus.htr /newuser /ntselementary.adp /nuke /passwd /ping.exe /piranha /pixfir~1 /puttest1.html /query /rename /root.exe /roots /rtm.log /sendmail /servlet /shtml.dll /sites /sqlqhit /ssi /status /tcsh /tftp /usage /webalizer /webcart /WINNT/ /wwwboard _mem_bin 404.html 404.php admin.dll awstats.pl.configdir cachefsd cgi-bin cmd.exe COPY database default.ida DELETE Fpexedll.dll LOCK MKCOL MOVE msadc MSADC OPTIONS PROPFIND PROPPATCH PUT root.exe scripts Shtml.dll UNLOCKvt_
Current thread:
- bad url fragment development (Aug 03)
- Re: bad url fragment Sanjay Rawat (Aug 04)