Microsoft URLscan Web Application Firewall (WAF)

URL Scan is a plug-in for IIS that performs request-based (not signature-based) filtering of incoming requests. By enabling some of these filters, it is possible to prevent exploitation of known or new, unpublished vulnerabilities. Additional information on web application firewalls can be found on our "What is a Web Application Firewall" FAQ page.

URL Scan Homepage

MSDN Articles
How To: Use URLScan, 2003
How to Configure the URLScan Tool (Support Q326444)
HOW TO: Mask IIS Version Information from Network Trace and Telnet (Support 317741)
Securing Your Web Server, 2004
Improving Web Application Security: Threats and Countermeasures Chapter 16 - Securing Your Web Server
How to Configure URLScan to Protect ASP.NET Web Applications (Support 815155)
HOW TO: Lock Down an ASP.NET Web Application or Web Service (Support 815145)
How To Use URLScan with FrontPage 2003 (Support 825538)
How to use URLScan with FrontPage 2002 (Support 318290)
How to use URLScan with FrontPage 2000 (Support 309394)
IIS lockdown and URLscan configurations in an Exchange environment (Support 309508)
How To Secure Your Developer Workstation
Other MSDN URLScan Articles

Preventing Log Evasion in IIS, By Robert Auger 2005
Protect Your IIS Server with URLScan, 2000

Google News URLScan Help Results





I don't think URLscan is a WAF. I call this kind "HTTP aware IPS".

~ Ofer