In-Reply-To: <[EMAIL PROTECTED]> IIS is most vulnerable to directory traversal attacks. Yes you can secure your IIS server by using the most up to date version and removing all the default files that come installed with it, unless you NEED them for something. Start by installing the server and messing with its various policy options. What your hosting on your server is relevant to, if its straight HTML then theres no need for SSL, turn it off etc. X-focus (the group that just released that RPC exploit code) has an EXCELLENT HTTP/IIS scanner. Search google for that one (xfocus scanner) or theres many others on the net im just not sure where at the moment. The IIS Lock down tools do work well also, they filter out alot of directory traversal attacks.
Chris http://www.cr-secure.net (soon) >Received: (qmail 16214 invoked from network); 5 Aug 2003 15:41:17 -0000 >Received: from outgoing3.securityfocus.com (205.206.231.27) > by mail.securityfocus.com with SMTP; 5 Aug 2003 15:41:17 -0000 >Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) > by outgoing3.securityfocus.com (Postfix) with QMQP > id B3B50A30D1; Tue, 5 Aug 2003 09:44:18 -0600 (MDT) >Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm >Precedence: bulk >List-Id: <security-basics.list-id.securityfocus.com> >List-Post: <mailto:[EMAIL PROTECTED]> >List-Help: <mailto:[EMAIL PROTECTED]> >List-Unsubscribe: <mailto:[EMAIL PROTECTED]> >List-Subscribe: <mailto:[EMAIL PROTECTED]> >Delivered-To: mailing list [EMAIL PROTECTED] >Delivered-To: moderator for [EMAIL PROTECTED] >Received: (qmail 6382 invoked from network); 5 Aug 2003 10:27:46 -0000 >Date: 5 Aug 2003 10:22:26 -0000 >Message-ID: <[EMAIL PROTECTED]> >Content-Type: text/plain >Content-Disposition: inline >Content-Transfer-Encoding: binary >MIME-Version: 1.0 >X-Mailer: MIME-tools 5.411 (Entity 5.404) >From: NR <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Securing IIS Server > > > > >Hi, > >I have IIS Server in which i want to install IIS lockdown and URLScan, >i heard they are very good to protect IIS server, >are they worth installing, >and if not, is there any other tools i can use to secure my IIS ? > >Thanks and Regards >NR > >-------------------------------------------------------------------------- - >-------------------------------------------------------------------------- -- > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
