RE: Securing Citrix NFuse and IIS 5

• Previous message: Henry Sieff: "RE: Securing Citrix NFuse and IIS 5"
• Maybe in reply to: auto300258@hushmail.com: "Securing Citrix NFuse and IIS 5"
• Next in thread: Henry Sieff: "RE: Securing Citrix NFuse and IIS 5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 18 Oct 2002 13:21:39 -0700
To: Chris Calaf <ccalaf@WBCM.com>, focus-ms@securityfocus.com
From: auto300258@hushmail.com

Thanks for your reply Chris.

But my understanding is that the Secure Gateway encrypts and authenticates the Citrix traffic, but does not protect the NFuse/IIS box from the usual exploits, i.e. Nimda, Code Red, buffer overflows, etc. I want to lock down IIS without breaking NFuse.

On Fri, 18 Oct 2002 10:50:28 -0700 Chris Calaf <ccalaf@WBCM.com> wrote:
>Citrix has a Product call Citrix Secure Gateway that uses SSL
>
>http://citrix.com/products/csg.asp
>
>you may need a subscription advantage
>
>-----Original Message-----
>From: auto300258@hushmail.com [mailto:auto300258@hushmail.com]
>Sent: Friday, October 18, 2002 12:22 PM
>To: focus-ms@securityfocus.com
>Subject: Securing Citrix NFuse and IIS 5
>
>
>I'm working on a pilot deployment of Citrix with its NFuse component
>on
>Win2000 to allows remote users to access our LAN via web browser.
>NFuse uses
>IIS 5 installed on the same machine to deliver all of our applications
>to
>the remote user.
>
>Is there anything special to know about hardening IIS 5 in conjunction
>with
>NFuse that anyone here has any experience with? What about a good
>white
>paper on hardening IIS 5, besides what Microsoft has on their web
>site?
>
>Has anyone used EEye's SecureIIS product with NFuse/IIS5? I've heard
>very
>good things about it and hope it might be useful here.
>
>Thanks for any information you might be able to provide.
>
>Regards.
>
>
>
>Get your free encrypted email at https://www.hushmail.com
>
>
>

Get your free encrypted email at https://www.hushmail.com

• Previous message: Henry Sieff: "RE: Securing Citrix NFuse and IIS 5"
• Maybe in reply to: auto300258@hushmail.com: "Securing Citrix NFuse and IIS 5"
• Next in thread: Henry Sieff: "RE: Securing Citrix NFuse and IIS 5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Securing Citrix NFuse and IIS 5 ... Citrix has a Product call Citrix Secure Gateway that uses SSL ... I'm working on a pilot deployment of Citrix with its NFuse component on ... IIS 5 installed on the same machine to deliver all of our applications to ... (Focus-Microsoft) Re: Securing Citrix NFuse and IIS 5 ... kinds of Citrix web application problems that haven't been found yet. ... Securing Citrix NFuse and IIS 5 ... Win2000 to allows remote users to access our LAN via web browser. ... paper on hardening IIS 5, besides what Microsoft has on their web site? ... (Focus-Microsoft) RE: Securing Citrix NFuse and IIS 5 ... NFUSE 1.7 doesn't really add a whole lot of vulnerability points to an IIS ... Harden the IIS server, ... Use SSL for communications between your NFUSE server and Citrix Data ... (Focus-Microsoft) FW: Win2K security roll out package and citrix xp ... I found this same this same problem with Citrix XP, running NFuse v1.5. ... --Citrix NFuse web server serving the access to the Published Applications ... environment, and probably shows, yet again, why ALL patches and updates need ... (NT-Bugtraq) RE: This time, how secure is Citrix? ... to your Citrix system than from any PC on the Internet. ... RSA SecureID also integrates with NFUSE. ... This time, how secure is Citrix? ... (Security-Basics)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint