FW: [WEB4LIB] Security Holes on IIS
Gimon, Charles A
cagimon at mplib.org
Mon May 21 16:20:38 EDT 2001
Note that a lot of the known holes in IIS have historically involved either
the IIS online (web-based) Admin system or Front Page extensions. Disabling
or removing those can solve a lot of problems in one swoop--and possibly
avoid future ones as well.
Most of the unsuccessful "script kiddie" attacks that we see here involve
the iisadmin stuff.
--Charles Gimon
Web Coordinator
Minneapolis Public Library
> -----Original Message-----
> From: Andrew Mutch [mailto:amutch at waterford.lib.mi.us]
> Sent: Monday, May 21, 2001 2:48 PM
> To: Multiple recipients of list
> Subject: [WEB4LIB] Security Holes on IIS
>
>
> If you are an administrator of a Microsoft NT 4 box running
> IIS 4.0, I highly
> recommend that at the minimum, you should be aware of the
> following resources:
>
> 1) The Microsoft Security site with information on the latest
> patches for IIS
> here:
>
http://www.microsoft.com/technet/security/
If you have not been keeping up with the security patches that have been
released for IIS, you are in luck as Microsoft has released a comprehensive
patch for IIS to address almost all of the patches released since SP5.
http://www.microsoft.com/technet/security/bulletin/MS01-026.asp
2) Microsoft makes it easy for you so that you can receive Security
bulletings
automatically as soon as they are released:
http://www.microsoft.com/technet/security/notify.asp
3) You should read this security checklist for IIS 4.0 to help you eliminate
other security vulnerabilities.
http://www.microsoft.com/technet/security/iischk.asp
While none of this will guarantee that you won't be attacked, hacked or
otherwise compromised, it will at least save one the embarassment of trying
to
explain to the Boss why the server was hacked through a hole that has been
public knowledge for a number of months. It has been our experience from
checking our server logs and dealing with some minor hacks that if your
server
is accessible to the public, you can expect it to be under continuous attack
from various hacking-types around the world. Most of them don't seem to
know
what they are doing but don't make it easy for them.
Andrew Mutch
Library Systems Technician
Waterford Township Public Library
Waterford, MI
Margaret Escherich wrote:
> Ugh, just discovered we have gotten this, too....
>
> Margaret Escherich
> Senior Librarian/Webmistress
> Oakland Public Library
> http://oaklandlibrary.org
>
More information about the Web4lib
mailing list