> > > I have MS 2000 servers that due to upgrades every week 
> > > are being rebooted @ least once per week. I have a Linux 
> > > system that is only rebooted when upgrades are added
> > > and this is a lot less frequently than Windows systems.
> >
> > If it helps, you don't have to constantly patch your Windows 
> > servers. Just set them up correctly in the first place, and 
> > most of the patches will be irrelevant. Remove unused ISAPI 
> > extensions, and so on. You should only rarely have to patch 
> > a production server, and in most cases, this can be done on 
> > a scheduled basis. I've got some Windows servers which have 
> > been running nonstop for years - they only get shut down when 
> > they're moved to a different physical location!
>
> Sure, you leave yours set up with the original 65234 security 
> problems and let's see how long it takes for a hacker to get 
> serious. Your call is not mine!

I think you're missing my point, but feel free to correct me if I'm wrong.

I'm simply saying that if you properly configure a Windows server in the
first place, when you set it up, you don't have to constantly patch it (or
even frequently patch it). That's all. If you don't know how to properly set
up a Windows server (which is a pretty common situation, of course), then
you have to apply all the patches, and even then, just hope for the best.

While IIS is probably an extreme example, default installs are generally
open to well-known vulnerabilities. However, with IIS as with any other
service on any platform, if you set it up correctly, you limit your
vulnerability to an acceptable degree. Guides for configuring IIS securely
are available all over the place. There's a very good book on the subject of
building Windows "bastion hosts" from O'Reilly, called "Securing Windows
NT/2000 Servers for the Internet", from Stefan Norberg. Also, if you're
interested in more detail, Fig Leaf Software offers a course entitled
"Securing ColdFusion Servers on Windows", which covers securely installing
the operating system, IIS, CF and your custom CF applications. More
information on that is available here: http://training.figleaf.com/.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444