Re: MS IIS Lockdown tool

From: EPiC (epic@hack3r.com)
Date: 08/24/01


Message-ID: <004a01c12cdc$d1626b80$d2e714d8@hack3r.org>
From: "EPiC" <epic@hack3r.com>
To: "Marc Fossi" <mfossi@securityfocus.com>, "Patrick O'Donnell" <patrick@softwareonly.com>
Subject: Re: MS IIS Lockdown tool
Date: Fri, 24 Aug 2001 14:39:05 -0600

I do not have a server that I dare install this on. The IIS servers I run
are pretty modded out.

If anyone wants to set this up, or has, I will happily audit the security.

EPiC
hack3r.com
----- Original Message -----
From: "Marc Fossi" <mfossi@securityfocus.com>
To: "Patrick O'Donnell" <patrick@softwareonly.com>
Cc: "Focus-MS" <focus-ms@securityfocus.com>
Sent: Friday, August 24, 2001 12:40 PM
Subject: Re: MS IIS Lockdown tool

> The real question is does the tool really lock the server down, or is it
> lulling novice admins into a false sense of security? Has anyone tried
> locking an IIS server down with this then running a Nessus (or similar)
> scan against it?
>
> Marc Fossi, MCSE
> SecurityFocus
> www.securityfocus.com
>
> On Fri, 24 Aug 2001, Patrick O'Donnell wrote:
>
> > I think the door swings both ways on this one... I have heard the obvious
> > horror stories of this tool, and the other side of it, which is that it was
> > a simplistic install that went without a hitch. At this point, I guess you
> > ask yourself the question of "Do I want the potential headache associated
> > with this fix?"
> >
> > --Patrick
> >
> > ----- Original Message -----
> > From: Marc Fossi <mfossi@securityfocus.com>
> > To: Patrick O'Donnell <patrick@softwareonly.com>
> > Cc: Focus-MS <focus-ms@securityfocus.com>
> > Sent: Thursday, August 23, 2001 5:09 PM
> > Subject: Re: MS IIS Lockdown tool
> >
> >
> > > I don't know. I don't currently have an IIS server to test it on, and the
> > > MS documentation is still slim on this tool. From what I can tell, it is
> > > probably best to use on a fresh installation.
> > >
> > > Marc Fossi, MCSE
> > > SecurityFocus
> > > www.securityfocus.com
> > >
> > > On Thu, 23 Aug 2001, Patrick O'Donnell wrote:
> > >
> > > > Is this a tool that can be used with existing IIS configurations, or for a
> > > > new install??
> > > >
> > > > Thanks
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: Marc Fossi <mfossi@securityfocus.com>
> > > > To: Focus-MS <focus-ms@securityfocus.com>
> > > > Sent: Thursday, August 23, 2001 3:59 PM
> > > > Subject: MS IIS Lockdown tool
> > > >
> > > >
> > > > > Has anyone else seen or used this yet? I'm sure this list would be
> > > > > interested in any feedback/comments about it.
> > > > >
> > > > > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/locktool.asp
> > > > >
> > > > > I find it quite interesting that MS has been releasing so many security
> > > > > tools lately...
> > > > >
> > > > > Marc Fossi, MCSE
> > > > > SecurityFocus
> > > > > www.securityfocus.com
> > > > >
> > > >
> > >
> >
>
>