Firewall Wizards mailing list archives
RE: mitigating the lack of a firewall
From: "Phil Cox" <Phil.Cox () SystemExperts com>
Date: Tue, 15 Feb 2000 12:19:59 -0800
As to IIS4.0 and NT, well, locking up such a system can be quite a chore, and some might argue a chore of impossibility. A look at the BugtraQ archives on NT and IIS4.0 might make ya a tad queasy. I personally feel NT is not up to the same tasking as uni* systems tend to be.
Suppose an Internet site does not have a firewall. Can a securely configured IIS 4.0 server running under securely configured NT 4.0 protect the site from unauthorized access and denial of service attacks?
Yes it can be done. What really matters is the type of content you are serving up with it, that is where it might break. The reason that IIS/NT gets such a bad rap is that they are just plunked out on the net for all to have at. Many a Unix box would fall to exploit under these condition as well. Take a look at the following 2 URLs for a starting point: IIS Checklist http://www.microsoft.com/technet/security/iischk.asp Building a Windows NT bastion host in practice v1.3 http://people.hp.se/stnor/ Phil
Current thread:
- mitigating the lack of a firewall Bruce H. Nearon (Feb 14)
- Re: mitigating the lack of a firewall R. DuFresne (Feb 15)
- RE: mitigating the lack of a firewall Phil Cox (Feb 15)
- Re: mitigating the lack of a firewall Aaron D. Turner (Feb 15)
- Re: mitigating the lack of a firewall Ryan Russell (Feb 15)
- Message not available
- Re: mitigating the lack of a firewall Marcus J. Ranum (Feb 15)
- Re: mitigating the lack of a firewall R. DuFresne (Feb 15)
- <Possible follow-ups>
- RE: mitigating the lack of a firewall Starkey, Kyle (Feb 15)
- RE: mitigating the lack of a firewall David LeBlanc (Feb 16)
- Re: mitigating the lack of a firewall Malcolm Holser (Feb 17)
- RE: mitigating the lack of a firewall Burden, James (Feb 24)