UrlScan version 3.0 is a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) 6.0 will process. UrlScan screens all incoming requests to the server by filtering the requests based on rules that are set by the administrator. Filtering requests helps secure the server by ensuring that only valid requests are processed.
Most malicious attacks share a common characteristic in that the attack involves the use of a request that is unusual in some way. For instance, the request might be extremely long, request an unusual action, be encoded using an alternate character set, or include character sequences that are rarely seen in legitimate requests.
By filtering unusual requests, UrlScan helps prevent such requests from reaching the server and potentially causing damage. By blocking specific HTTP requests, UrlScan helps prevent potentially harmful requests from reaching the server. UrlScan version 3.0 security tool will install on IIS 5.1 and later, including IIS 7.
Posted by Gabriel Maciel