Firewall Wizards mailing list archives

Re:Code Red Paths

From: "Erik J. Varney" <erik () centralsecurity net>
Date: Wed, 8 Aug 2001 12:50:13 -0400

Of course you have to allow inbound (HTTP for example) traffic if you want
to run a webserver behind a firewall. Why does that server need an outbound
connection? Why would IIS be running on machines that aren't serving an
internet/intranet site? If admins took a few extra steps (Deny webservers
outbound connections- for example) this particular worm would not have
propagated itself to so many machines.

Apply the patch? Is that the remedy - sounds like a lazy solution to me. In
fact all an admin had to do was remove the indexing service and the script
mappings.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Code Red Paths Erik J. Varney (Aug 08)
- <Possible follow-ups>
- FW: Code Red paths Miller, Brian (Aug 08)
  - Re: FW: Code Red paths Paul Cardon (Aug 10)
- Re:Code Red Paths Erik J. Varney (Aug 10)