Re: Should webservers, eg. IIS 6 have anti--virus installed on them?

From: jkowall (jkowall_at_gmail.com)
Date: 07/19/05

  • Next message: Jeff Shawgo: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
    Date: Mon, 18 Jul 2005 21:34:22 -0400
    To: focus-ms@securityfocus.com
    
    

    I agree with this completely. We serve over 18million pages a day,
    and our servers can handle the small load imposed by AV on non web
    related file extensions. Its a minor inconvenience, as is all
    security in relation to your server farm being compromised, and having
    a major cleanup/reinstall. The more layers needed to compromise is
    just another layer protecting your business goals.

    On 7/18/05, Richard Whitworth <Richard.Whitworth@hsbp.co.uk> wrote:
    > I would always use AV software on any PC or server - it is part of a holistic approach to security - for example, what happens if a vuln is discovered in IIS and an exploit (worm) is coded which you are unaware of, or you're on holiday when it appears etc. - the AV software may pick this up if its covered in your virus definitions without you having to patch the server.
    >
    > Richard
    >
    > -----Original Message-----
    > From: Sarbjit Singh Gill [mailto:ssgill@gilltechnologies.com]
    > Sent: 17 July 2005 17:22
    > To: focus-ms@securityfocus.com
    > Subject: Should webservers, eg. IIS 6 have anti--virus installed on
    > them?
    >
    >
    >
    > Greetings
    >
    > Should IIS have anti-virus installed on them. I know I would do it for a
    > fileserver but for IIS, I rather lock it down.
    >
    > Thanks.
    > /Gill
    >
    >
    > ---------------------------------------------------------------------------
    > ---------------------------------------------------------------------------
    >
    >
    > ----------------------------------------------------------------------------------------------------------------
    > Disclaimer: This email and any files transmitted with it are confidential and
    > intended solely for the use of the individual or entity to whom
    > they are addressed.
    >
    > If you have received this email in error please notify the
    > originator of the message. This footer also confirms that this
    > email message has been scanned for the presence of computer
    > viruses and Henshaws Society for Blind People will not accept
    > any responsibility for any loss of data or financial loss caused
    > directly or indirectly by opening or processing this email and any
    > accompanying attachments.
    >
    > Any views expressed in this message are those of the individual
    > sender, except where the sender specifies and with authority,
    > states them to be the views of Henshaws Society for Blind People.
    >
    > Please Note: Recipients of this message should be aware that
    > Henshaws Society for Blind People reserves the right to monitor
    > all email sent to and from the hsbp.co.uk domain or any other
    > domain that may be administered by the said organisation.
    >
    > Head office telephone number: 0161 872 1234
    > Head office fax number: 0161 848 9889
    > website: http://www.hsbp.co.uk
    >
    >
    > ---------------------------------------------------------------------------
    > ---------------------------------------------------------------------------
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Jeff Shawgo: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"

    Relevant Pages

    • RE: exploit to vulnerability
      ... This footer also confirms that this email message has been scanned for the presence of computer viruses and Henshaws Society for Blind People will not accept any responsibility for any loss of data or financial loss caused directly or indirectly by opening or processing this email and any accompanying attachments. ... Any views expressed in this message are those of the individual sender, except where the sender specifies and with authority, states them to be the views of Henshaws Society for Blind People. ... Head office fax number: 0161 848 9889 website: http://www.hsbp.co.uk ...
      (Focus-Microsoft)
    • RE: exploit to vulnerability
      ... Does WSUS let you have one server give different approved updates ... Servers are a different matter, I tend to install the patches at planned ... states them to be the views of Henshaws Society for Blind People. ...
      (Focus-Microsoft)