Re: WIN2000 and IIS
From: forrest whitcher (fw@fwsystems.com)Date: 08/27/01
- Previous message: Mike Kennedy: "Re: WIN2000 and IIS"
- In reply to: Margaret CTR Rhodes: "WIN2000 and IIS"
- Next in thread: Peter Skov: "Re: WIN2000 and IIS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 27 Aug 2001 17:57:08 -0400 From: forrest whitcher <fw@fwsystems.com> To: "Margaret CTR Rhodes" <Margaret.CTR.Rhodes@faa.gov> Subject: Re: WIN2000 and IIS Message-Id: <20010827175708.600e851e.fw@fwsystems.com>
On Mon, 27 Aug 2001 13:35:32 -0400
"Margaret CTR Rhodes" <Margaret.CTR.Rhodes@faa.gov> Margaret CTR Rhodes did inscribe
thusly:
As it happened I was installing w2k server the day CR was scheduled to
hit, and I experineced pretty much what you indicate.
to enumerate:
Having de-selected IIS, I happened to check over everything being installed
and lo & behold - IIS was selected - oh boy <grimace>
I again de-selected IIS, at this point it prompted me that some other
features I had wanted (I believe it was server security management and
reporting tool) required IIS, and the install routine obligingly and
silently put IIS back in the build.
I then iterated through the features which specifically required IIS,
until the install routine finaly told me IIS had not been selected.
I am a little hazy on the final detail as I wound up installing w2k
twice on the paritcular box, however I believe I was pretty careful
the second time through also.
After completing the install (and before hooking up the network cbl!)
I reviewed the components of the running system. (Yes I'm paranoid)
Yes, you guessed it, IIS was installed anyway.
I deleted it, I beleive it's still gone. The bottom line seems to be
that MS has built a webserver into it's network auditing & management
tools, so you can't secure W2k without IIS <grin>
Of course they also kindly include a network interface logger which
doesn't enable a promiscuous mode "because that would be insecure",
and advise if you want promiscuous mode you need to purchase SMS.
forrest
fw systems llc
> This may be a subject answered in the past, but I haven't seen anything on it
> lately.
>
> Yesterday, our systems administrator, Mike Miller of RS Information Systems,
> loaded Win2000 on a server and deselected IIS. Despite this, IIS loaded anyway
> with no notification that the deselection had been ignored. He tried this a
> couple of times and our Incident Response team is testing it now. The only way
> he knew that it loaded was that he went in and checked the list of services--and
> there it was!
> Is there any information out there about this on any version of W2K?
>
> There were several people out there that may not have put the patch on because
> they deselected IIS--and then were hit with Code Red.
>
> Here is the configuration of the machine.
>
> It's a Gateway E-5200
> Processor - Pentium III 600 MHZ
> Memory - 256 MB
> Adaptec 29160 Controller
> Hard Drive - IBM DMVS 18.2 GB
> Nic - 3C905c
> Win2000 Basic
>
> Maggie Rhodes
> ISS Analyst
> RS Information Systems
>
>
>
- Previous message: Mike Kennedy: "Re: WIN2000 and IIS"
- In reply to: Margaret CTR Rhodes: "WIN2000 and IIS"
- Next in thread: Peter Skov: "Re: WIN2000 and IIS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
