The problem is not IIS its self. I have IIS servers that I didn't install
any patches on and they did not get hit. They were attacked, but nothing
went through.
You have to make sure to take every security precaution.
Make sure your web root is not stored on the same hard drive as your OS.
Remove all unnecessary ISAPI extensions. Make sure the directories are
secure. When I first saw the idq and web based printing stuff I knew that
it couldn't be secure, so I took it out.
A big part of this problem is that people are not looking at everything.
While MS should not turn a lot of this stuff on by default, it is very easy
to turn it off.
No matter what Server Software you install you will need to put patches on
it. System admins need to look at everything on their systems.
>-----Original Message-----
>From: Rey Bango [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, September 25, 2001 12:03 PM
>To: CF-Talk
>Subject: OT: Check out what Gartner is recommending. Drop IIS!
>
>Now, I've always found Gartner to sway in a particular direction based in
>the wind changes and the phases of the moon but this recommendation is just
>plain stupid. Check it out:
>
>http://news.cnet.com/news/0-1003-200-7294516.html
>
>Rey Bango
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Your ad could be here. Monies from ads go to support these lists and provide more
resources for the community. http://www.fusionauthority.com/ads.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
