RE: Firewalls & IIS 5

From: rwg (a-robg_at_online.microsoft.com)
Date: 03/26/04 

Date: Fri, 26 Mar 2004 14:04:44 GMT

|
| Any and all advice would be appreciated.
|
| -Paul Grant
|

Personally, I feel the protection need is still there. On my WinXP and WIn2000 machines with IIS, I use Linksys router/firewall, and ZoneAlarm Pro.
ZoneAlarm will tell you about outgoing request also, so you can spot any Trojans calling home. Zonealarm has a home free version.

-rwg
This is what I think, not necessarily what is accurate!

--------------------
| Content-Class: urn:content-classes:message
| From: "Paul Grant" <pmpgrant@pacbell.net>
| Sender: "Paul Grant" <pmpgrant@pacbell.net>
| Subject: Firewalls & IIS 5
| Date: Thu, 25 Mar 2004 10:56:04 -0800
| Lines: 20
| Message-ID: <13bc001c4129a$d2ac0950$a101280a@phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcQSmtKseExU9/O0S5qoh0QF4HcC2Q==
| Newsgroups: microsoft.public.inetserver.iis.security
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.inetserver.iis.security:10604
| NNTP-Posting-Host: tk2msftngxa09.phx.gbl 10.40.1.161
| X-Tomcat-NG: microsoft.public.inetserver.iis.security
|
| I am setting up a simple single ftp and website on my DSL-
| connected (static IP) W2K Workstation Pro using IIS 5. I
| will have all service packs and security hotfixes
| installed and will use Windows Update to dynamically
| install any new critical updates as they appear. I intend
| to follow the security practices outlined for installing
| IIS 5 contained in the pertinent MS KB docs.
|
| My question is: "Do I really need, in addition, a firewall
| of the PC desktop type available from Symantec, BlackIce,
| and a number of other vendors?"
|
| Researching this issue on firewall vendor websites isn't
| much help. In fact, Symantec states outright that they
| will not technically support their desktop firewall on a
| system running IIS 5.
|
| Any and all advice would be appreciated.
|
| -Paul Grant
|

Relevant Pages

  • Re: [fw-wiz] Securing a Linux Firewall
    ... If it is not setuid, and not setgid, it _can't_ grant you extra privs ... > programs the firewall needs and only put those on the jumpstart CD". ...
    (Firewall-Wizards)
  • Re: IIS 6 and systems object namespace
    ... I have to support multiuser/multiowner webs in multiple sites on IIS 6, ... the backend accounts from the areas of other backend accounts on which the ... pool needs to spin up it fails. ... was not able to grant to the iwam* group). ...
    (microsoft.public.inetserver.iis.security)
  • Re: Problem signing on to AIM with Net::AOLIM
    ... I had already verified that my AOL account can send and receive IMs by logging in and exchanging IMs with another user. ... I also turned off my XP firewall temporarily and tried numeric IPs instead of hostnames but no luck. ... I know nothing about AIM. ... grant write ability through your XP system. ...
    (comp.lang.perl.misc)
  • Re: REPOST of Re: [opensuse] OpenSuse 11
    ... inbuilt into Windows systems? ... | good router should have firewall software built in. ... before widnose has been started up, to keep your registry free from ... You can choose to grant only once, or remember decision, grant or denie. ...
    (SuSE)
  • Re: [fw-wiz] Securing a Linux Firewall
    ... >> can grant no additional privs. ... Suppose that your firewall has the option to run an outside program on a fixed ... the firewall will not be bugfree, and the attacker will be able to execute ...
    (Firewall-Wizards)