Greetings,
I think there are 2 main schools here:
1. AV required depending on server role and usage. If documents remain
relatively static(web server serves content only), then lock down, fully
patched and no AV required. It is secondary. If running a site where
documents are uploaded by users, e.g. a web based document management
system(e.g. sharepoint) where documents are uploading reqularly then a AV is
required for sure.
2. AV required always. Filtered scanning required.
/Gill
-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
Sent: Tuesday, July 19, 2005 5:00 AM
To: Jeff; focus-ms@securityfocus.com
Subject: RE: Should webservers, eg. IIS 6 have anti--virus
installed on them?
Jeff,
Interesting comments. Especially about not having IIS in a domain.
Gill,
To me the issue of virus protection depends on how you get
content installed on a machine and what type of content is on
the machine If you have a lot of users loading documents to
your web servers, you might want to consider adding virus
protection to the servers. Of course you should also have
virus protection on the desktops as well. I would not
configure on access virus scanning, but instead would have
scheduled scanning.
Dennis
-----Original Message-----
From: Jeff [mailto:jeff@turbofish.com]
Sent: Monday, July 18, 2005 4:15 PM
To: focus-ms@securityfocus.com
Subject: RE: Should webservers, eg. IIS 6 have anti--virus
installed on them?
Another thing with IIS is it is always good to keep it out of
the domain altogether. Plus, I monitor all traffic to and
from the machine. For example, our email/IIS server doesn't
attach to the network, it sits all by it's lonesome on a
completely different hub that doesn't touch any of the
networked machines. Ok, it doesn't really get lonely, I talk
to it everyday and it does sit right next to the other
servers. I think I caught it winking at the big SQL server
the other day - people are beginning to talk.
But seriously, you need to check SP everyday and keep all of
the holes filled so yes, you are correct, that is number one.
At the same time, I have found it helpful to pick and choose
which patches to install. I have had hardware updates from
Microsoft that caused me nothing but grief.
Other concerns with running a IIS server is data. I don't
even like hooking it's SQL server [smallish - just to run web
data with] with our big SQL server because of security
reasons. I even turn off the lights just so that the other
servers won't get jealous
Viruses shouldn't be too much of a trouble with IIS because
the vast majority of all viruses are activated via email, the
rest with a few rogue sites. Don't run an email client on it,
don't surf the web with it, keep all extra ports locked down,
keep all of the service packs and security releases, be
careful if you run an email server that saves the emails in
temp files, and just as an extra protection, it wouldn't hurt
to have a anti-virus running.
Ok, I'm going home to start working on the non system admin
programming side of my job - maybe even get some sleep. I
hate these 16 hour work days without sleep. You know it's bad
when I enjoy getting a power outages that knocked off all of
the PC's in our network. No power, no PC/server problems!
-----Original Message-----
From: Shyaam
Sent: Monday, July 18, 2005 10:20 AM
To: ssgill@gilltechnologies.com
Cc: focus-ms@securityfocus.com
Subject: Re: Should webservers, eg. IIS 6 have anti--virus
installed on them?
According to my level of knowledge(which is very minimal, in
this especially), I would say that a web server should be
patched well first.
the
anti-virus is a secondary issue. Ofcourse, you need an
antivirus too, but there should always be good patches
implemented which checks for the latest signatures.
--Shyaam
On 7/17/05, Sarbjit Singh Gill <ssgill@gilltechnologies.com> wrote:
Greetings
Should IIS have anti-virus installed on them. I know I
would do it for
a fileserver but for IIS, I rather lock it down.
Thanks.
/Gill
----------------------------------------------------------------------
-----
----------------------------------------------------------------------
-----
--
Thank you in advance for your time and consideration.
Yours Sincerely,
R.S.Shyaam Sundhar
--------------------------------------------------------------
----------
---
--------------------------------------------------------------
----------
---
--------------------------------------------------------------
----------
---
--------------------------------------------------------------
----------
---
--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
