[REVS] IIS Security and Programming Countermeasures

support_at_securiteam.com
Date: 04/28/03

    To: list@securiteam.com
    Date: 28 Apr 2003 11:41:34 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    In the US?

    Contact Beyond Security at our new California office
    housewarming rates on automated network vulnerability
    scanning. We also welcome ISPs and other resellers!

    Please contact us at: 323-882-8286 or ussales@beyondsecurity.com
    - - - - - - - - -

      IIS Security and Programming Countermeasures
    ------------------------------------------------------------------------

    SUMMARY

    A very good how-to guide has been written by Jason Coombs. The guide aims to
    help administrators secure their IIS installation. Before diving into the
    systematic hardening instructions, the guide explains the following:
     * The different threats
     * The tools currently available in the market (referred to as "Hacking
       Tools", i.e. non-commercial tools)
     * The architecture used by IIS (the different components from which IIS
       is built)

    From there the guide explains the most important part of all: the different
    methods with which you can harden your IIS installation.

    DETAILS

    Introduction:
    This is a book about how to secure Microsoft Internet Information Services
    for administrators and programmers whose work includes a requirement for
    information security, a computer industry specialty field commonly
    referred to as infosec. In this book, the terms information security and
    infosec are used interchangeably with the more friendly term data
    security. This is not a book about hacking, cracking, and the tools and
    techniques of the bad guys, the so-called black hat hackers. This book
    teaches computer professionals and infosec specialists how to build secure
    solutions using IIS. It is your duty to secure and defend networked
    information systems for the benefit of the good people who are your end
    users, clients, or less technical coworkers.

    ADDITIONAL INFORMATION

    The complete e-book can be downloaded from:
    http://forensics.org/IIS_Security_and_Programming_Countermeasures_e-book.zip

    The information has been provided by Jason Coombs (jasonc@science.org).

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ========================================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

