Thanks to everyone who responded to my IIS 5 Log post.
Very useful information was given.
Now, my next question.
I have our IIS 5 server sitting on a private network with
an IP of 10.2.32.20. It is being NAT'd via CheckPoint NG.
I only allow HTTP traffic in to the web server but I allow
the server unrestricted access out from the network.
1. Is this a good idea?
2. Should I lock down the web server's outbound ports to
prevent Nimda/CodeRed type infections from propigating from
my server?
3. What ports should I allow the server to go out on if any?
Thanks in advance.
Craig Brauckmiller
