RE: MS IIS Lockdown tool

From: bonnie temple (btemple@nglantz.com)
Date: 09/26/01


Subject: RE: MS IIS Lockdown tool
Date: Wed, 26 Sep 2001 16:42:44 -0400
Message-ID: <F5B3D6F0E167C843B7791BD5158337600DF894@NGlantz2>
From: "bonnie temple" <btemple@nglantz.com>
To: <dmccartney@core.com>, <security-basics@securityfocus.com>

I have loaded it, but had patches up to date beforehand, so I haven't
had enough
time with it to form an opinion. Installs easily.

Bonnie Temple

-----Original Message-----
From: Daymon McCartney [mailto:dmccartney@core.com]
Sent: Monday, September 24, 2001 9:56 PM
To: security-basics@securityfocus.com
Subject: MS IIS Lockdown tool

Has anyone had any experience with Microsoft's IIS Lockdown tool? If
so,
what do you think?

It says it prevents Code Red, Nimda, and other sorts of viruses without
having the patches installed. Obviously you should still patch your
boxes
(and MS clearly states this on their webite), but it could save a lot of
companies headaches!