| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: se_cur_ity at hotmail.com (Morning Wood) Subject: Blocks OWA Redirect Attempts since MS is lax about OWA patching, a kind admin sent me this Cisco Mgmt rule to prevent OWA redirect phishing. D.W ------------------------ / start / -------------------- <?xml version='1.0'?> <!DOCTYPE CSAMCEXPORT> <CSAMCEXPORT export_time="Thu Mar 10 13:15:40 Eastern Standard Time 2005" format_version="4.0"> <DATASET hidden="0" description="Blocks OWA Redirect Attempts" name="Outlook Web Access Redirect" id="5264" _toplevel="0"> <DATA_IN value="*/exchweb/bin/auth/owalogon.asp?url=*"/> <DATA_EX value="*/exchweb/bin/auth/owalogon.asp?url=https://mymail.com/exchange*"/> </DATASET> <RULE description="Deny OWA Exploits" user_msg="" tla="DACL" id="660" description_detail="" action="deny" log="log_low" priority="201" _toplevel="0" enabled="1"> <APPCLASS_REF ref_id="120"/> <DATASET_REF ref_id="5264"/> </RULE> <APPCLASS is_session_void="0" ostype="W" description="IIS Web Server executable file" name="IIS Web Server application" id="120" is_timeout="0" description_detail="" _toplevel="0" timeout="" process_group="0" apptype="S"> <USE_IN_PROD value="SW"/> <USE_IN_PROD value="SF"/> <FILE_LITERAL file="inetinfo.exe" dir="**"/> <FILE_LITERAL file="w3wp.exe" dir="**"/> </APPCLASS> <POLICY ostype="W" description="Protects OWA against URL Injection exploits" name="Custom OWA Module" id="74" description_detail="" _toplevel="1" mandatory="0"> <RULE_REF ref_id="660"/> </POLICY> </CSAMCEXPORT> ---------------------- / end / ----------------------
Powered by blists - more mailing lists