R: Should webservers, eg. IIS 6 have anti--virus installed on them?

From: Sebastian Zdrojewski (sebastian.zdrojewski_at_technomind.it)
Date: 07/19/05

  • Next message: Sarbjit Singh Gill: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
    Date: Tue, 19 Jul 2005 16:49:24 +0200
    To: "Brunner, Mark" <MBrunner@tor.fasken.com>, <focus-ms@securityfocus.com>
    
    
    

    I saw also someone talking about securing up web application. Most AV
    software carries on also a command line version of antivirus. Launching this
    CL application after a file submission won't be a bad thing. May be a bit
    excessive for someone but I would suggest this solution.

    Cheers

    En3pY

    Sebastian Zdrojewski
    Senior System & Network Administrator

    Tel: +39 02.62.610.317
    Mobile: +39 347.6079.096
    E-Mail: sebastian.zdrojewski@technomind.it

    TECHNOMIND S.p.A.
    Via Galileo Galilei, 7 - 20124 Milano
    Tel. +39 02.62.610.300 - Fax +39 02.62.610.333
    Web: http://www.technomind.it/

    ________________________________

    PRIVACY
    Le informazioni contenute in questo messaggio sono riservate e
    confidenziali. Il loro utilizzo è consentito esclusivamente al destinatario
    del messaggio, per le finalità indicate nel messaggio stesso. Qualora Lei
    non fosse la persona a cui il presente messaggio è destinato, La invitiamo
    ad eliminarlo dal Suo Sistema ed a distruggere le varie copie o stampe,
    dandocene gentilmente comunicazione. Ogni utilizzo improprio è contrario ai
    principi del D.lgs 196/03 e alla legislazione Europea (Direttiva
    2002/58/CE). Technomind S.p.A. opera in conformità D.lgs 196/2003 a alla
    legislazione Europea. Per qualsiasi informazione a riguardo si prega di
    contattare la nostra Società all’indirizzo mail: privacy@technomind.it.
     
    The information contained in this message as well as the attached file(s) is
    confidential/privileged and is only intended for the person to whom it is
    addressed. If the reader of this message is not the intended recipient or
    the employee or agent responsible for delivering the message to the intended
    recipient, or you have received this communication in error, please be aware
    that any dissemination, distribution or duplication is strictly prohibited,
    and can be illegal. Please notify us immediately and delete all copies from
    your mailbox and other archives. For any further information please contact
    our Company at the following email address: privacy@technomind.it.
    ________________________________

    -----Messaggio originale-----
    Da: Brunner, Mark [mailto:MBrunner@tor.fasken.com]
    Inviato: martedì 19 luglio 2005 15.33
    A: focus-ms@securityfocus.com
    Oggetto: RE: Should webservers, eg. IIS 6 have anti--virus installed on
    them?

    ALWAYS, ALWAYS, ALWAYS install anti-virus software.
    Configure it to avoid databases, log files, or other commonly locked files,
    but get it on there!
    Lock it down and harden it too. And if you can, create a script or use a
    package to verify that nothing has changed on your webpages, or alert you if
    it does.

    Cheers!
    Mark

    -----Original Message-----
    From: Sarbjit Singh Gill [mailto:ssgill@gilltechnologies.com]
    Sent: 17 July 2005 17:22
    To: focus-ms@securityfocus.com
    Subject: Should webservers, eg. IIS 6 have anti--virus installed on
    them?

     
    Greetings

    Should IIS have anti-virus installed on them. I know I would do it for a
    fileserver but for IIS, I rather lock it down.

    Thanks.
    /Gill

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    ----------------------------------------------------------------------------
    ------------------------------------
    Disclaimer: This email and any files transmitted with it are confidential
    and
    intended solely for the use of the individual or entity to whom
    they are addressed.

    If you have received this email in error please notify the
    originator of the message. This footer also confirms that this
    email message has been scanned for the presence of computer
    viruses and Henshaws Society for Blind People will not accept
    any responsibility for any loss of data or financial loss caused
    directly or indirectly by opening or processing this email and any
    accompanying attachments.

    Any views expressed in this message are those of the individual
    sender, except where the sender specifies and with authority,
    states them to be the views of Henshaws Society for Blind People.

    Please Note: Recipients of this message should be aware that
    Henshaws Society for Blind People reserves the right to monitor
    all email sent to and from the hsbp.co.uk domain or any other
    domain that may be administered by the said organisation.

    Head office telephone number: 0161 872 1234
    Head office fax number: 0161 848 9889
    website: http://www.hsbp.co.uk

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    
    



  • Next message: Sarbjit Singh Gill: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"

    Relevant Pages

    • RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
      ... Should IIS have anti-virus installed on them. ... This footer also confirms that this email message has been scanned for the presence of computer viruses and Henshaws Society for Blind People will not accept any responsibility for any loss of data or financial loss caused directly or indirectly by opening or processing this email and any accompanying attachments. ... Head office fax number: 0161 848 9889 website: http://www.hsbp.co.uk ...
      (Focus-Microsoft)
    • >>>> INSTALL IIS <<<<
      ... Install Iis On Win2008 Server ... Php 5.2.4 Install Confgure Windows Iis ...
      (misc.kids)
    • Secure Windows XP from hackers/unwanted intruders.
      ... >Checklist for Securing a Windows XP IIS 5.1 Webserver ... >install it as an optiontal extra. ... >Regardless of the mechanism a hacker uses to break into ...
      (microsoft.public.windowsxp.security_admin)
    • web reporting under sms 2003
      ... IIS is installed. ... System tests (IIS, IE, WSH) ok ... Begin Install CMDLINE=/s ... Installing main Reporting Point files. ...
      (microsoft.public.sms.setup)
    • Windows XP/2000/2003 users protect yourself.
      ... Checklist for Securing a Windows XP IIS 5.1 Webserver ... install it as an optiontal extra. ... Regardless of the mechanism a hacker uses to break into your machine, ... This tool logs Application, System, and Security Events. ...
      (microsoft.public.windowsxp.security_admin)