Whilst security vetting our machines, i found that one host was exposing a Microsoft-HTTPAPI/2.0 service over port 80 to the internet.
I'm not familiar with this, but after googling around, i found that SQL Server 2008 publishes SQL Server Reporting Services on port 80 by deafault and identifies itself as HTTPAPI/2.0. The host is also running IIS7.
I'm guessing this is probably not something that should be exposed to the world. Can anyone offer me any information or advice on the security risk of exposing this service.
Response Headers - http://#.#.#.#/
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 10 Aug 2009 10:44:25 GMT
Connection: close
Content-Length: 315
404 Not Found
-
If you don't have any good reason to expose it, Then you should probably not expose it. By the way you may be interested in this article to decide wether or not you should expose it
From Maxwell -
Its not a security risk until you can demonstrate that is valuable to an attacker. It doesn't mean a damn thing until exploit code hits the web.
From Rook -
Try looking for vulnerabilities in an exploit database for this
From Peter
0 comments:
Post a Comment