RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
From: Jim Harrison (ISA) (jmharr_at_microsoft.com)
Date: 07/18/05
- Previous message: Floyd Russell: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Maybe in reply to: Sarbjit Singh Gill: "Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Next in thread: Floyd Russell: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Reply: Floyd Russell: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 18 Jul 2005 13:35:05 -0700 To: "Floyd Russell" <floyd@floydsoft.com>, <focus-ms@securityfocus.com>
Perhaps the statement "viruses are only spread through user action" is
only true in recent times, since Code Red and Nimda both spread to
clients and servers alike via IIS servers, but it doesn't preclude
future mechanisms of a similar sort.
If you have (or can get) the licenses, add AV to your servers. Al lAV
vendors allow you to control what actions they take and in what areas so
as to avoid conflicting with the server's normal operation.
Jim Harrison
Security Business Unit (ISA SE)
"When you come to a fork in the road, take it."
--Yogi Berra
-----Original Message-----
From: Floyd Russell [mailto:floyd@floydsoft.com]
Sent: Monday, July 18, 2005 12:13 PM
To: focus-ms@securityfocus.com
Subject: RE: Should webservers, eg. IIS 6 have anti--virus installed on
them?
I've held a contentious view on this in the past. Traditionally
speaking,
viruses are only spread through user action, (Attachment, execution of
untrusted file, etc). A webserver should never be used for random
internet
browsing, checking email, running untrusted software, etc. Also, you
have to
consider the performance impact. If this server is running an intensive
site
can you afford the CPU overhead of an active anti-virus scanner? Is it
going
to lock files that need to be written to by the site?
If the machine is just a webserver then patch, firewall, use as
well-designed as possible code, and limit access & lock down as much as
possible. It seems to be that these five things would be enough to
prevent
the viruses from taking control of your machine.
Remember, this is just viruses. Exploits are a completely different
matter.
fr
-----Original Message-----
From: Shyaam [mailto:shyaam@gmail.com]
Sent: Monday, July 18, 2005 10:20 AM
To: ssgill@gilltechnologies.com
Cc: focus-ms@securityfocus.com
Subject: Re: Should webservers, eg. IIS 6 have anti--virus installed on
them?
According to my level of knowledge(which is very minimal, in this
especially), I would say that a web server should be patched well
first. the anti-virus is a secondary issue. Ofcourse, you need an
antivirus too, but there should always be good patches implemented
which checks for the latest signatures.
--Shyaam
On 7/17/05, Sarbjit Singh Gill <ssgill@gilltechnologies.com> wrote:
>
> Greetings
>
> Should IIS have anti-virus installed on them. I know I would do it for
a
> fileserver but for IIS, I rather lock it down.
>
> Thanks.
> /Gill
>
>
>
------------------------------------------------------------------------
-- - > ------------------------------------------------------------------------ -- - > > -- Thank you in advance for your time and consideration. Yours Sincerely, R.S.Shyaam Sundhar ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Floyd Russell: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Maybe in reply to: Sarbjit Singh Gill: "Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Next in thread: Floyd Russell: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Reply: Floyd Russell: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
