On Sun, 11 Nov 2007 22:16:25 +0000, Mark Kent wrote:
> ed <ed@xxxxxxxxxxx> espoused:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Sun, 11 Nov 2007 13:29:44 -0600
>> Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> wrote:
>>
>>> Yes, I have shown the server is not IIS, because it cannot be IIS.
>>
>> Because of a file extension? If one is going to obfuscate through
>> headers, then why not with file extensions?
>>
>> BTW. It's pretty easy to remove ASP session cookies.
>
> Indeed.
>
> Anyway, the server is IIS, and its infecting visitors who use Windows.
> I wonder how much longer Erik can spin for before he gets dizzy?
The server is *NOT* IIS. It's impossible for it to be IIS. The CMS used
is an Apache based CMS system.
|
|