Vulnerability Development mailing list archives

Re: Summary of IIS 4.0/5.0 Unicode thread (end of thread?)


From: amonotod <amonotod () NETSCAPE NET>
Date: Sat, 28 Oct 2000 20:37:25 CDT

On Fri 10/27/00 5:41 AM, Robert A. Seace wrote:
> In the profound words of Ryan Yagatich:
> > also, you can set up a tftp server on your box, and tftp the
> > file/trojan in which you are attempting to run. (netcat anyone?)
> > all you have to do is set up the command string, the same way.
>
> Another way to transfer files would be "rcp", if you find
> it easier to set up "in.rshd" on your server... (At least,
> the NT machine I saw had an "rcp.exe" client installed in
> "\winnt\system32\"... Not sure how standard that is...)

Quite standard setup; however, as part of the process of locking down the
server, you should restrict access to all the system32\r*.* commands to only
administrators, including the exclusion of System. Furthermore, you should
restrict access to net.exe, ftp.exe, tftp.exe and other remote service link
executables from any 'service' type accounts, and maybe even from System.

If your server is not properly configured, you're open to many kinds of
attack, not just whatever the current popular attack may be.

amonotod
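
One way to audit the lockdown described in the message above, as an added example that is not part of the original post: a read-only PowerShell check that lists every identity other than the built-in Administrators group holding an Allow entry with execute rights on the binaries the message names. The Administrators-only policy is taken from the message; the variable names and the output layout are assumptions of this example.

```powershell
# Added example (not from the original post): read-only audit, changes no ACLs.
$system32 = Join-Path $env:SystemRoot 'System32'

# File patterns named in the message: system32\r*.* plus net.exe, ftp.exe, tftp.exe.
$patterns = 'r*.*', 'net.exe', 'ftp.exe', 'tftp.exe'

# Policy from the message: only Administrators may run these (SYSTEM excluded too).
# S-1-5-32-544 is the well-known SID of the built-in Administrators group.
$allowedSid = 'S-1-5-32-544'

# Rights that permit running the file: ExecuteFile, plus the raw
# GENERIC_EXECUTE (0x20000000) and GENERIC_ALL (0x10000000) bits.
$execMask = [int][System.Security.AccessControl.FileSystemRights]::ExecuteFile -bor 0x30000000

$findings = foreach ($pattern in $patterns) {
    $files = Get-ChildItem -Path $system32 -Filter $pattern -File -ErrorAction SilentlyContinue
    foreach ($file in $files) {
        $acl = Get-Acl -LiteralPath $file.FullName
        foreach ($ace in $acl.Access) {
            # Only Allow entries are listed; Deny entries are not evaluated here.
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if (([int]$ace.FileSystemRights -band $execMask) -eq 0) { continue }

            # Compare by SID so localized or renamed group names still match.
            try {
                $sid = $ace.IdentityReference.Translate(
                    [System.Security.Principal.SecurityIdentifier]).Value
            } catch {
                $sid = $ace.IdentityReference.Value   # unresolvable identity
            }

            if ($sid -ne $allowedSid) {
                [pscustomobject]@{
                    File      = $file.Name
                    Identity  = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

# An empty result means every matched binary is executable by Administrators only.
$findings | Sort-Object File, Identity | Format-Table -AutoSize
```

Patterns that match no file on a given system are skipped silently, so the same script runs on hosts where some of these clients are not installed.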
