IIS Server Security - Testing security

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > June 2004 > Testing security





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Testing security
Pradeep

2004-06-27, 10:10 am

Here is thelink from Symantec website-
http://security.symantec.com/sscv6/default.asp?
langid=ie&venid=sym

>-----Original Message-----
>Hi,
>
>Is there any tools out there that would test your server
>for any security holes or weakness. How would one go
about
>to test their server again possible hackers.
>
>Thanks
>
>Rick
>.
>
WinGuy

2004-06-28, 8:55 am

"Pradeep" <anonymous@discussions.microsoft.com> wrote in message
news:220a101c45c58$7d40c250$a501280a@phx
.gbl...
> Here is thelink from Symantec website-
> http://security.symantec.com/sscv6/default.asp?
> langid=ie&venid=sym

Interesting test and for me its results on 2 computes pretty much agreed
with known configurations and results from other testing procedures, except
for the anti-virus check. On one computer it detected the antivirus product,
but on a 2nd (a fully activated IIS5 server, ftp/smtp/http, and a Mercury
email server) it did not detect either of the 2 installed and updated (only
hours before the test) antivirus products even though one of the two
products is an identical to that which was detected on the client. The
server computer uses an antivirus product specific for the Mercury email
server functionality, and the other antivirus product is globally used on
the server. Failure to identify both antivirus products on the server may
have been due to Spybot Resident module detecting the test trying to change
the registry (which I didn't like, the test had not notified me of that
intent), which was manually denied. SpywareGuard on the server did not
detect the attempted registry change. The client computer did not detect
via, Spybot Resident, a registry change attempt. ActiveX usage was manually
allowed at the prompts on the server. The client did not prompt for a
security certificate allowance, but the server did and it was manually
allowed. The registry change attempt was not detected by the client, which
also uses the Spybot Resident module. Therefore I am somewhat confused about
the reliability of the tests in general and so I did not submit statistics
for either computer. It is probable that ZoneAlarm Pro setting differences
between the 2 computers also confused the tests. A server firewall
(BlackIce) also firewalled the test part way through, which further
invalidates the server test results. The server firewall (ZoneAlarm Pro) did
not detect anything unusual. The server runs 2 software based firewalls and
sits behind its very own router that is not exposed to the LAN (it is fully
isolated except to internet). The client runs only one software based
firewall and sits behind a shared router with other clients. Both computers
are always kept fully updated in all respects. Normally, IE is not used from
the server (the server test was an exception).


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com