RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
From: Greg Kelley (gkelley_at_vestigeltd.com)
Date: 07/20/05
- Previous message: Harlan Carvey: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Maybe in reply to: Sarbjit Singh Gill: "Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Next in thread: Harlan Carvey: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 20 Jul 2005 09:14:43 -0400 To: <focus-ms@securityfocus.com>
I believe they should. Let me explain why.
Web servers are not necessarily setup to just serve pages. They can
also accept uploads of files. Those files should be screened before
being allowed on the network.
AV software also protects web servers against the administrator
themselves. If the admin mistakenly launches the wrong file, a properly
configured AV will protect against that.
I completely agree that AV is part of a multi-faceted approach to
protect ones entire network. Not putting AV on a machine because you
don't "think" it can get infected because you are assuming you have it
locked down and configured properly is like saying you don't need to
configure your desktops properly with patches because you have AV on
them.
Some make the argument that AV is a day or two behind with definitions
to protect against some of the biggest worms and exploits. I agree, but
I have seen companies hit with such attacks a days after definitions are
available. Not having all machines updated and running AV allows such
attacks to happen.
My final point is... Why roll this dice on this question??? It cost
what, an additional $30-$50 to put AV on a computer? If it's a little
redundant, so what? Are you going to bet your job on the theory that
"in a perfect world where my server is configured properly, I'm the only
one with access to it, I don't believe people will be copying files to
my web server, I'm 100% sure of every single file I launch, bar none,
sure I don't need AV on my web server".
If you are willing to bet your job and reputation on that, that's one
less person I'll have to compete with for a security contract.
Greg Kelley, EnCE
Vestige Digital Investigations
Computer Forensics | Electronic Discovery | Corporate Surety
46 Public Square, Ste 220
Medina, OH 44256
(330)721-1205 x5432
(330)721-1206 Fax
http://www.vestigeltd.com
-----Original Message-----
From: Sarbjit Singh Gill [mailto:ssgill@gilltechnologies.com]
Sent: Sunday, July 17, 2005 12:22 PM
To: focus-ms@securityfocus.com
Subject: Should webservers, eg. IIS 6 have anti--virus installed on
them?
Greetings
Should IIS have anti-virus installed on them. I know I would do it for a
fileserver but for IIS, I rather lock it down.
Thanks.
/Gill
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Harlan Carvey: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Maybe in reply to: Sarbjit Singh Gill: "Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Next in thread: Harlan Carvey: "RE: Should webservers, eg. IIS 6 have anti--virus installed on them?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
