[LINK] Nimda worm: CERT Advisory CA-2001-26
Wed, 19 Sep 2001 23:49:14 +1000
On Wed, 19 Sep 2001 21:22:20 +1000, you wrote:
>I was notified by my email watchdog the instant "odd" requests were
>received by my web servers.
>Something that MS users can't easily do.
This new Microsoft utility may help some beleagured IIS users:
URLScan Security Tool
URLScan screens all incoming requests to an IIS web server, and only allows ones to pass that comply with a ruleset created by the administrator. This significantly improves the security of the server by helping ensure that it only responds to valid requests.
The tool allows the administrator to filter requests based on length, character set, content and other factors. A default ruleset is provided, which can be customized to meet the needs of a particular server.
For More Information - http://www.microsoft.com/technet/security/urlscan.asp