Microsoft has released a new security tool, dubbed URLScan, to customers. The company says that it designed URLScan to help customers protect Microsoft IIS-based Web servers from the most common types of attacks by helping to ensure that servers respond only to legitimate requests.
"URLScan is effective in protecting Web servers because most attacks share a common characteristic--they involve the use of a request that's unusual in some way," the company says in its release about the tool. "For instance, the request might be extremely long, request an unusual action, be encoded using an alternate character set, or include character sequences that are rarely seen in legitimate requests. By filtering out all unusual requests, URLScan prevents them from reaching the server and potentially causing damage."
Microsoft says that URLScan will protect Web servers against virtually every known security vulnerability that affects IIS, even if users haven't installed the previously released security patches. The tool complements the IIS Lockdown Tool (released 2 weeks ago), which makes sure that IIS servers are securely configured. URLScan runs in the background after the lockdown tool is finished, ensuring that the server responds only to legitimate Web requests.
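The release describes filtering on four traits of a request: its length, its action, its encoding, and the character sequences in it. The following sketch is an added example, not Microsoft's code or URLScan's actual configuration, and applies one check per trait to constructed request lines; the length limit, verb list and denied sequences are assumed values chosen for illustration.

```python
from urllib.parse import unquote

# Assumed policy values for illustration; not URLScan's shipped settings.
MAX_URL_LENGTH = 260
ALLOWED_VERBS = {"GET", "HEAD", "POST"}
DENIED_SEQUENCES = ("..", "./", "\\", ":")


def check_request(verb, url):
    """Return (allowed, reason) for one request line."""
    if verb.upper() not in ALLOWED_VERBS:          # unusual action
        return False, "verb not allowed"
    if len(url) > MAX_URL_LENGTH:                  # extremely long request
        return False, "URL too long"
    path = url.split("?", 1)[0]
    try:
        # Strict decoding rejects byte sequences that are not valid UTF-8,
        # such as overlong encodings of "/" or ".".
        once = unquote(path, errors="strict")
        twice = unquote(once, errors="strict")
    except UnicodeDecodeError:
        return False, "invalid encoding"
    if twice != once:                              # a second decode changed it
        return False, "double-encoded"
    if any(ord(ch) > 127 for ch in once):          # alternate character set
        return False, "high-bit character"
    for seq in DENIED_SEQUENCES:                   # rarely seen sequences
        if seq in once:
            return False, "denied sequence " + repr(seq)
    return True, "ok"


# Constructed sample requests, not taken from real traffic.
SAMPLES = [
    ("GET", "/default.htm"),
    ("PROPFIND", "/"),
    ("GET", "/search.asp?q=" + "A" * 400),
    ("GET", "/docs/%c0%afreadme.txt"),
    ("GET", "/docs/%252e%252e/web.config"),
    ("GET", "/docs/../web.config"),
    ("GET", "/caf%C3%A9.htm"),
]

if __name__ == "__main__":
    for verb, url in SAMPLES:
        allowed, reason = check_request(verb, url)
        print("ALLOW" if allowed else "DENY ", verb, url[:40], "->", reason)
```

The checks run on the decoded path, so a sequence cannot slip past the deny list by being percent-encoded once, and a path that still changes on a second decode is rejected rather than normalized further.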
For more information about URLScan and Microsoft's other IIS security tools, visit the Microsoft Web site.