----- Original Message ----- From: "Thomas M. Albright" <[EMAIL PROTECTED]> To: "GNHLUG" <[EMAIL PROTECTED]> Sent: Tuesday, October 02, 2001 7:27 PM Subject: Re: Website defacement (was: Anti-terrorism bill...)
> If the web site id that important to the business, there should be a > dedicated web-server, so if there is a break-in, it's *just* the web > server hit, Wrong-o, o armchair quarterback! Any web site serving other than static content, if it uses Microsoft, will have IIS on it. The Nimda virus spread to ALL the servers on the network thru IIS, even though the web server was separate. (In fact, the source of the virus was from within the private (user) network in the first place. The servers weren't infected from "outside." All the servers were corrupted beyond repair (two separate anti-virus products were unable to clean the systems completely. > and there should be *daily* back-ups. If the server is hit, > throw the back-up online and, although you lose time fixing the primary > server, the revenue stream remains virtually undisturbed. That would be nice if it could be put into practice, but if all the servers are affected, and patches come out AFTER infection, you can't very well use a backup, can you? The backups will contain unpatched vulnerabilities. > > Also: never use M$ server products, unless you *want* to be comprimised. > Nice sentiment. Who *wants* to be compromised? The fact is that 41 percent of the server market IS Microsoft (although probably that figure will decline sharply. I know that the "guy across the hall" is now looking into other options.) The Microsoft infrastructure that is out there still needs to be protected until it can be replaced. Rich Cloutier SYSTEM SUPPORT SERVICES President, C*O www.sysupport.com ********************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the following text in the *body* (*not* the subject line) of the letter: unsubscribe gnhlug **********************************************************
