Find, Fix Vulnerabilities | eWeek

Find, Fix Vulnerabilities

Oct 29, 2001
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Get out the treasure map. bring along a stethoscope. hunting down IIS systems, especially inadvertently installed rogues, will take a methodical, plodding approach. However, an accurate network diagram and diagnostic tools can take some of the pain out of plugging IIS security holes.

Draw a map of the organizations network that shows where IIS systems are installed. HFNetChk, from Microsoft, can scan local or remote machines and indicate which patches have and have not been applied. This tool is hard to automate, and the output is difficult to use. Inventory management tools from Tally Systems Corp. and others can make this task a lot easier and less prone to error, by automatically surveying systems for a software “fingerprint.” Although they require that an agent be installed on the target system, this is a small price to pay to keep tabs on critical systems. BindView Corp. makes a variety of bv-Control tools for Windows 2000. BindView products monitor server configurations specifically for changes to security settings. IT managers can then set configuration requirements and receive reports and alerts when systems are out of compliance.

Locate Windows 2000 servers that were automatically installed with IIS enabled but were not authorized by central IT. This will be a lot trickier. IT managers who suspect renegade systems are inside the firewall should start with the simple questions: Was a disk imaging system used to create production servers? If so, did the disk image include IIS, which is part of the default installation?

Send e-mail asking departmental administrators if they know of any IIS servers operating in their area. Its probably a good idea to offer an amnesty program to encourage people to turn in their unauthorized servers. CyberCop Scanner, from Network Associates Inc., can help IT managers scan the internal network for “responsive devices,” including IIS. Match legitimate IIS systems with the CyberCop Scanner report and investigate all other found devices.

Read up on security threats and preventive measures. The “Hack Attacks” series by John Chirillo (Wiley Computer Publishing) and “Viruses Revealed” by David Harley et al. (McGraw-Hill) offer in-depth expertise on how systems are compromised while imparting fundamental practices that IT managers can use to protect network resources.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.