Re: isolating web server

From: Jerry Pisk (jerryiii_at_hotmail.com)
Date: 04/13/04 

Date: Tue, 13 Apr 2004 00:50:53 -0700

No it's not, not having remote access to a server is perfectly normal when
security is an issue. You have to walk to the box and login locally as an
admin to have enough rights to actually replace web site code (files).

Jerry

"Hernán Castelo" <hhh@hotmail.com> wrote in message
news:uw%23AVxIIEHA.308@tk2msftngp13.phx.gbl...
> i can go to server for the upload...
> don't think to be a bad approach...
>
> please tell me that is not strange at all
>
> --
> atte,
> Hernán Castelo
> UTN Buenos Aires
> . . . . . . . . . . . . . . . . . . . . . . . . .
.
> "Jerry Pisk" <jerryiii@hotmail.com> escribió en el mensaje
news:%23jr3ANqHEHA.700@TK2MSFTNGP09.phx.gbl...
> > The fact that you can't put remotely any files on the server is a good
> > thing. If you want to be secure you will have to walk over to the box to
> > release new version of your site. The moment you allow yourself to
upload
> > files remotely you're opening a security hole.
> >
> > Jerry
> >
> > "Hernán Castelo" <hhh@hotmail.com> wrote in message
> > news:%23myDe4JHEHA.956@TK2MSFTNGP09.phx.gbl...
> > > Hi
> > > i read microsoft.com
> > > that "web servers do not require netbios or smb" (sic)
> > > then MS recomends to disable smb by this way:
> > >
> > > 1) "Clear the Client Microsoft Networks box"
> > > 2) "Clear the File and Printer Sharing for Microsoft Networks box"
> > >
> > > this confused to me,
> > >
> > > if i do that, webserver can't see the intra-net
> > > but i guess thats right because
> > > the web server requests sql server vía tcp/ip and
> > > then i think no problem...
> > > But i can't see the server from my workst,
> > > then how can i put "developement files"
> > > to the "production web site" ???
> > > i will need to set "Clear the File and Printer Sharing for Microsoft
> > Networks box" again ???
> > > whats the goal ?
> > > and... how can i do replication from the actual
> > > sql-data in a server to its copy at the web server??
> > >
> > >
> > >
> > > thanks
> > >
> > >
> > > (this is the link
> > >
> >
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod89.asp)
> > >
> > > --
> > > atte,
> > > Hernán Castelo
> > > UTN Buenos Aires
> > > . . . . . . . . . . . . . . . . . . . . . . . .
.
> > .
> > >
> > >
> >
> >
>
>

Relevant Pages

  • SecurityFocus Microsoft Newsletter #171
    ... Better Management for Network Security ... GoodTech Telnet Server Remote Denial Of Service Vulnerabilit... ... ASPApp PortalAPP Remote User Database Access Vulnerability ...
    (Focus-Microsoft)
  • Re: File Upload - Security Issues
    ... You want to upload a file for what reason and ... these viruses have less chance of being able to execute (even if succeeded ... :> file and what pitfalls you see re: security might be helpful on this ... :>: files to an IIS server that doesn't have MS Office actually installed? ...
    (microsoft.public.scripting.vbscript)
  • Re: File Upload - Security Issues
    ... uploaded and the user could upload any or all of these in theory. ... There is no one product that can give you 100% security, ... > Code doesn't execute in local memory space unless remote user has rights ... > You don't have MS Office installed on the server. ...
    (microsoft.public.scripting.vbscript)
  • Re: File Upload - Security Issues
    ... You want to upload a file for what reason and you do ... file and what pitfalls you see re: security might be helpful on this end?! ... files to an IIS server that doesn't have MS Office actually installed? ... 2* Upon submit this is submitted to an ASP page that then (using the XML ...
    (microsoft.public.scripting.vbscript)
  • Re: DomainLocalServer$ is not a valid user
    ... it can be a BIG security hole. ... Local System or Network Service account on a machine makes a remote request ... things have access to your SQL Server. ...
    (microsoft.public.sqlserver.security)