top button
Flag Notify
Site Registration

what Microsoft application/tool could you use to mitigate this attack?

+4 votes
385 views

If you were not using Apache as the reverse proxy, what Microsoft application/tool could you use to mitigate this attack?

posted Dec 23, 2014 by Rahul Singh

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

You could use either Microsoft's Internet and Security Acceleration (ISA) server as a front-end proxy or implement URLScan on the target IIS server. The urlscan.ini file has the AllowDotInPath directive which will block directory traversal attempts.

answer Dec 25, 2014 by Vrije Mani Upadhyay
...