Re: IIS Server ---> antivirus and patches
From: karl [x y] (jamescagney90210@excite.com)
Date: 07/27/02
- Next message: karl [x y]: "Re: outside user able to see list of users/administrators?"
- Previous message: karl [x y]: "Re: help needed"
- In reply to: geek1990: "IIS Server ---> antivirus and patches"
- Next in thread: Jeff Cochran: "Re: IIS Server ---> antivirus and patches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "karl [x y]" <jamescagney90210@excite.com> Date: Fri, 26 Jul 2002 23:26:10 -0400
"geek1990" <webmaster@auctionsexpert.com> wrote in message
news:19cc01c234ea$b163e220$3bef2ecf@TKMSFTNGXA10...
> What antivirus package is sufficient to run on IIS in
> order to keep it up. Do you absolutly have to run McAfee
> Webshield or can you run safe just McAfee VirusScan 4.5.1
I personally have never cared for McAfee antivirus. I like Norton.
> SP1 ? Do you need to run in addition Netshield or
> VirusScan is sufficient? How do you setup the server with
Personally I think just VirusScan plus Microsoft patches is sufficient,
though since it scans files and memory, I am guessing it might not
completely stop an IIS server from becoming infected with a worm like Code
Red/Nimda.
> all the patches from Microsoft, do you download them in
> the real time from somewhere on Microsoft website or do
> you download them first, after disconnect from the network
> for installing on your Windows 2000 server IIS, all the
> patches and just after put it back on the network?
I prefer to download the files and install them in chronological order, then
run hfnetchk afterwards from www.Microsoft.com/download to confirm the
patches are all installed. I understand there are several ways to download
patches from Microsoft, but for server security on IIS, I feel safer doing
and checking it myself. It's up to you, your security needs and your
environment [such as how many servers you have and how close you are to
them]. You definitely need one or more reboots for the patches to take
effect, which to me means you need to manually intervene anyways.
If you haven't yet, check out www.microsoft.com/security , especially the
securing IIS and windows checklists and IISlockdown including URLscan.
Software and/or hardware firewalls are something else to consider. Hacking
Exposed 3rd edition and Incident Response are two good introductions to
security measures, and you can get 4 books for the price of one at
http://lcis.booksonline.com
- Next message: karl [x y]: "Re: outside user able to see list of users/administrators?"
- Previous message: karl [x y]: "Re: help needed"
- In reply to: geek1990: "IIS Server ---> antivirus and patches"
- Next in thread: Jeff Cochran: "Re: IIS Server ---> antivirus and patches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
