Educause Security Discussion mailing list archives
UTM Appliances
From: Mike Wilber <mwilber () SC4 EDU>
Date: Mon, 13 Jul 2009 08:22:55 -0400
Hello, I would be interested in hearing about types of Unified Threat Management appliances that your using and your experiences with them. Thanks, Mike Wilber * Technical Director * CISSP, MCSE, CCNP, CCDP * St. Clair County Community College * SunGard Higher Education * 323 Erie Street, Port Huron, MI 48060 * michael.wilber () sungardhe com * Tel 810-989-5665 * Fax 810-989-5618 CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary and privileged information, and unauthorized disclosure or use is prohibited. If you received this email in error, please notify the sender and delete this email from your system. Thank you. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks Sent: Friday, July 10, 2009 4:59 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Web server default page On Fri, 10 Jul 2009 15:23:46 EDT, "Cheek, Leigh" said:
Do you see any big vulnerabilities with the IIS default page?
Well, for *starters*, it says "Somebody's asleep at the wheel here, and has IIS installed and running but no actual site." Even if the IIS default page *itself* doesn't have holes, I'd not be surprised if it attracts *other* attacks: 1) Hmm.. Maybe the IIS got installed a long time ago by accident, and isn't patched. Let's toss some 2-year-old exploits at it and see what sticks.. 2) If they're asleep on the IIS issue, I wonder what *else* is sitting there. Time to nmap the server, and maybe a few IP addrs up and down from it, and see what's open. Maybe they left C:\ mapped to the world or something... Bottom line - the biggest problem is probably not the page, but the message it sends about the site's security stance...
Current thread:
- UTM Appliances Mike Wilber (Jul 13)