|
On Mon, 24 Sep 2001, Walden H. Leverich wrote: > regardless of the back end web server. A PROPERLY configured and maintained > IIS box is rather secure. I do *not* want to start a flame war here. A properly configured IIS box is nearly impossible to achieve. This is not because of lack of available fixes for know exploits, but because of design flaws inherent in the system. For information on this please see www.securityfocus.com or other security related sites. The only known way to properly secure such a machine is to unplug it from the network and remove the keyboard :) Someone else posted a message here about the Gartner Group recommending that all IIS machines be replaced. These are serious issues and any network installation needs to be looked at carefully, particularly so if it is a Microsoft OS. (If anyone can show I'm wrong about the design issues I'll gladly take back what I said - that it is fundamentally flawed, not just in need of patches) James Rich james@eaerich.com
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
