SQL Injection

SecureIIS is designed to filter the most common commands and characters used in SQL injection attacks. This stops SQL injection attempts dead in their tracks and can be verified with Retina Web Security Scanner.

Buffer Overflow Attacks

SecureIIS checks the lengths of all client-supplied buffers. If the data is larger than the maximum size allowed, SecureIIS will drop the connection, thereby avoiding a buffer overflow

Parser Evasion Attacks and High-Bit Shellcode Protection

Insecure string parsing can allow attackers to remotely execute commands on the machine running the web server. SecureIIS checks for various characters in a string that would allow an attacker to add on commands to a normal value. If these characters are found, SecureIIS will drop the connection. In addition, normal English-language web traffic does not contain high bit characters. SecureIIS will drop all requests containing high bit characters, which often signal a potential buffer overflow attack.

Directory Traversal Attacks

In certain situations, various characters and symbols can be used to break out of the web server's root directory and access files on the rest of the file system. SecureIIS checks for these characters and also blocks access to specific directories and can even alert when specified files or directories are accessed or modified or even deleted.

RFC Compliancy and Other Attack

SecureIIS prevents attacks from manipulating the HTTP protocol in attempts to bypass security systems and exploit security holes. SecureIIS has aditional checks in place to identify and drop requests that contain recognized patterns. Limitations are also placed on the size of uniform resource locators (URL/URI), HTTP variables, request methods, request header size and other HTTP-related content and payloads that try to use common commands like cmd.exe.