Re: which firewall

From: Peter Larsen (plarsen@mail.tele.dk)
Date: 05/27/02


Date: Mon, 27 May 2002 08:28:44 +0200
From: Peter Larsen <plarsen@mail.tele.dk>

chris@nospam.com wrote:

> Big problem everyone here is missing is that a firewall is
> useless to protect IIS.

Which is why I suggested putting it on the inside of the webserver! -
but perhaps it was too subtle to skip explaining why.

> You have to let requests through to port 80 right?
> Recall that a large majority of the IIS attacks are specially
> malformed get requests.
>
> -Chris

-- 
    ************************************************************* 
    *      This posting handcrafted by Peter Larsen, MCSE       *
    *          My site is at: http://www.muyiovatki.dk          *
    *           I subscribe to http://www.spamcop.net           *
    *************************************************************



Relevant Pages

  • Re: which firewall
    ... > protect IIS. ... You have to let requests through to port 80 right? ... this totally depends on the firewall you are using. ... It goes round and round on this NG.... ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: which firewall
    ... > protect IIS. ... You have to let requests through to port 80 right? ... this totally depends on the firewall you are using. ... It goes round and round on this NG.... ...
    (comp.security.firewalls)
  • Re: which firewall
    ... > Big problem everyone here is missing is that a firewall is ... > useless to protect IIS. ... > malformed get requests. ...
    (comp.security.firewalls)
  • Re: which firewall
    ... > Big problem everyone here is missing is that a firewall is ... > useless to protect IIS. ... > malformed get requests. ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: which firewall
    ... > Big problem everyone here is missing is that a firewall is ... > useless to protect IIS. ... > malformed get requests. ...
    (comp.os.ms-windows.nt.admin.security)