You can also use eServer Secure. I've used it for 3 years and have been protected from old and new attacks. It protected my servers when Nimda and CodeRed came out. It was at least 2 months after Nimda and CodeRed when I update the IIS security patches from Microsoft.
Check it out at: www.turillion.com Kevin ----- Original Message ----- From: "Mike Byers" <[EMAIL PROTECTED]> To: "CF-Server" <[EMAIL PROTECTED]> Sent: Tuesday, November 12, 2002 11:56 AM Subject: RE: Server Security Breach > Microsoft has a guide, and an IIS Lockdown tool. > > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ > tools/chklist/iis5chk.asp > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ > bestprac/default.asp > > > Other sources > http://www.lokbox.net/SecureWin2K/ > http://www.secadministrator.com/Articles/Index.cfm?ArticleID=26049 > http://www.nacs.uci.edu/security/msft/safeiisinstall.htm > > I have not reviewed all of them yet. > > Mike > > -----Original Message----- > From: Brook Davies [mailto:brook@;maracasmedia.com] > Sent: Tuesday, November 12, 2002 11:40 AM > To: CF-Server > Subject: RE: Server Security Breach > > > Is that Port 139 / TCP/IP? Also, thanks for the info guys! I figured it > was just that, but I didn't want to take any chances :) > > While I'm at it, does any one know of a good "lock down" guide for Windows > 2000 Server in a web environment? I followed the IIS / Windows lock down > that was available from Allaire some time back. It had a list of > unnecessary services, some security related registry entries, and file > permission settings. > > Brook > > > At 11:10 AM 12/11/02 -0600, you wrote: > >It's a common annoyance lately. It's the Messenger service that is > >being abused. You can just disable it in the Services control panel. > > > >AFAIK, other than as an annoyance it doesn't have any means of abuse > >other than possibly as a weird DOS attack. If you have a firewall, it's > >probably best to stop it there. Port 139. > > > >Here's an article: > >http://www.techtv.com/screensavers/answerstips/story/0,24330,3374542,00 > >.html > > > >-Kevin > > > > > -----Original Message----- > > > From: Brook Davies [mailto:brook@;maracasmedia.com] > > > Sent: Tuesday, November 12, 2002 10:52 AM > > > To: CF-Server > > > Subject: Server Security Breach > > > > > > > > > Hello, > > > > > > I had something unnerving happen yesterday. Our web server had a pop > > > up dialog box open on it after logging in. The dialog was an > > > advertisement for call center and a 1-800 number! It did not > > > originate internally. > > > > > > Is this a SMNP, or messenging service problem? What do I need to > > > disable and how potentially hazardous is this?? > > > > > > Brook > > > > > > > > > > > > > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ To unsubscribe, send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
