Security Basics mailing list archives
RE: Tools for IIS security check
From: "Mike Heitz" <mikeheitz () upshotmail com>
Date: Thu, 19 Dec 2002 11:40:53 -0600
Some info on the IIS lockdown tool... Steph is correct in advising caution with it. I have it installed on our web server and it works nicely. We are planning an install on our OWA server and here is a document I located with steps to go through on an OWA server with it... http://support.microsoft.com/default.aspx?scid=KB;en-us;309508&; mike heitz ** sr it manager ** UPSHOT 312-943-0900 x5190 -----Original Message----- From: Janssen, Steph [mailto:s.janssen () ictk wegener nl] Sent: Thursday, December 19, 2002 2:29 AM To: SECURITY-BASICS () SECURITYFOCUS COM Subject: RE: Tools for IIS security check Hello Harish, I would refer you to the following tools: http://www.nextgenss.com/ Where you can find Typhon. It does about 180 checks, is easy to use, and immediately advises you on how to fix your problem ;) http://support.microsoft.com/default.aspx?scid=kb;EN-US;303215 Microsoft security hotfix checker. This tool is a great tool to tell you on what security fixes you are missing out on. I heavily recommend using it, especially after the updating it's been through. Last one is offcourse (but be carefull with the use of this one!): http://www.microsoft.com/downloads/details.aspx?FamilyID=dde9efc0-bb30-4 7eb- 9a61-fd755d23cdec&displaylang=en IIS lockdown tool. It's a great way to start off with a clean and secure IIS. Though if you are currently running servers, it could give you problems. I've had some experiences in my surroundings where after using this tool things like OWA wouldn't work anymore, and other problems which weren't exactly easy to fix. Kind regards, Steph Janssen Wegener ICT/K -----Oorspronkelijk bericht----- Van: Harish Gondavale [mailto:hardgo () yahoo com] Verzonden: woensdag 18 december 2002 5:50 Aan: SECURITY-BASICS () SECURITYFOCUS COM Onderwerp: Tools for IIS security check Hi all, Can somebody give few good free tools' name, which can be used to verify that IIS is secured completely? I know few of them : Nessus, Nikto Thanks for all your help. Bye. Harish __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
Current thread:
- Tools for IIS security check Harish Gondavale (Dec 18)
- RE: Tools for IIS security check Jimmy Sansi (Dec 19)
- Re: Tools for IIS security check N30 (Dec 19)
- Re: Tools for IIS security check Rahul Chander Kashyap (Dec 19)
- RE: Tools for IIS security check Dominick Sardina (Dec 19)
- Re: Tools for IIS security check GSimmonds (Dec 20)
- <Possible follow-ups>
- re: Tools for IIS security check H C (Dec 19)
- RE: Tools for IIS security check Janssen, Steph (Dec 19)
- RE: Tools for IIS security check Rosado, Rafael (Rafael) (Dec 20)
- RE: Tools for IIS security check Mike Heitz (Dec 20)
- Re: Tools for IIS security check gorski2003 (Dec 20)