[thelist] _vti_inf.html ??

Joe Crawford jcrawford at avencom.com
Thu Aug 9 10:05:48 CDT 2001

Jeana Clark wrote:

>>> Are these just weird front page extensions? or ... ??
>> Nope, just normal Frontpage extensions :-)
> But we're not using them on our server/site.  Do ppl just randomly throw
> them into the url looking for these things?

Yes, that is essentially what the code red worm is -- randomly probing on
the default interfaces for web servers running IIS. The _vti_inf.html is a
random (or maybe semi-random) probe on FrontPage extensions. Could be a
robot, a worm, or a "script kiddie."

Think of someone coming up to your house and trying to open the door, at
random. Given the nature of security at many sites, sometimes that works.
This is why you must be friendly and gracious to your sysadmin, for they
make sure that such efforts are rebuffed.

    - Joe <http://artlung.com/>
...................  Joe Crawford \\ Web Design & Development
.....  mailto:jcrawford at avencom.com \\ http://www.avencom.com
.... San Diego \\ CA \\ USA \\ AVENCOM: Set Your Sites Higher

More information about the thelist mailing list