Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Using ISA to help block VML exploit SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Using ISA to help block VML exploit
For those of you that use MS ISA as a proxy, or even as a perimiter protective mechanism, Microsoft has posted an article on "Learn How Your ISA Server Helps Block VML Vulnerability Traffic (925568)"
This would be highly recommended measure in a Microsoft centric environment, as one of the defence-in-depth layers of protection, not by itself. Please see the earlier diary entries on the VML vulnerability and its current exploitation here.

Cheers,
Adrien de Beaupré
Cinnabar Networks/BSSI
I will be teaching next: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques - Pen Test HackFest 2020

Adrien de Beaupre

353 Posts
ISC Handler
Sep 25th 2006

Sign Up for Free or Log In to start participating in the conversation!