WordType Designs
Driven To Distractions©
The Sound of One Hand Clapping©

A rchive Date
[ 20-04-2001 ]
Category
[ Information Technologies ]
sub-Categoy
[ Microsoft ]
      [Weakness found in Microsoft server shield
      A simple request for a Web page can bring down a Windows 2000 software package meant to protect internal networks from outside attacks, says a security firm.
      Stephen Shankland, News
      April 17, 2001 6:41 PM ET

      A Microsoft Windows 2000 server software package can be crashed by sending it a comparatively simple request for a Web page, a security firm has discovered.

      SecureXpert Labs reported the vulnerability in Microsoft's Internet Security and Accelerator (ISA) software, which is used to protect internal networks from outside attackers and to bridge internal networks with the public Internet.
      Microsoft acknowledged the problem Monday and issued a patch.

      An attacker can take advantage of the vulnerability by sending the server a request to view a Web page with an unusually large address--for example, one with the letter A repeated 3,000 times, SecureXpert Labs said. Sending such a request will prevent the ISA software from letting computers inside its network view outside Web pages or letting outside computers view inside pages.

      While the vulnerability wouldn't permit an attacker to take over a company's server, it could be used to make a Web page inaccessible to the public, Microsoft said.

      In the array of possible methods to attack a server, this type is very simple and easily launched.

      Though analysts agree the newer Windows 2000 operating system is more secure than its predecessors, Microsoft still faces a host of security problems. For example, future versions of its Outlook e-mail software will ban many file types in an effort to prevent the spread of viruses that can reproduce quickly because of tight integration between different Microsoft products.

      The ISA software must be restarted to restore the service, but the server doesn't need to be rebooted, Microsoft said.]
      Cross-Indexed:

      New document Icon


Some pages may require Adobe Acrobat Reader


Copyright and Fair Use Information: The contents of this web site is protected by international copyright laws and may not be reproduced in any form or manner whatsoever, if for the purpose of resale or solicitation of a donation. The essays included here, may be reproduced only if: 1)They are not altered in any way; 2) reproductions must be accompanied by this copyright page ; and 3) it is given freely and without charge.
Fair use: The fair use of copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified in above sections, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright. In determining whether the use made of a work in any particular case is fair use the factors to be considered include : (1) the purpose and character of the use, including whether the use is of a commercial nature or is for nonprofit educational purposes; (2) the nature of the copyrighted work; (3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole, and; (4) the effect of the use upon the potential market value of the copyrighted work.
Home | About Narrative? |Contact
Copyright © 2025. All Rights Reserved
HAG122125 (1998 -2026)