Network Security Focus-Microsoft

RE: Should webservers, eg. IIS 6 have anti--virus installed on them?

Subject: RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
Date: Wed, 20 Jul 2005 11:00:27 -0400
If what I said was taken to be a cheap shot I apologize to all.  It was
meant to be a warning to never take the attitude that one is infallible,
and perhaps I should have said "one" instead of "you", because that is
what I meant.  I did not mean to single any one person out.

I'll digress a bit now and say this.  No, an AV product is not a
necessity on an IIS server, but then neither is a firewall.  They are
both just ways to minimize risk, and I can not see how anyone can oppose
one and advocate the other.  Would I recommend running IIS without
either?  No.  If the added cost of either is too costly then let
management make that call, but as a sys admin never rule out any
security measure based on cost.  If it bogs down your system, well then
maybe adding exclusions will help or in the end you may have to go
without and disable or uninstall it.

What are we trying to protect ourselves from with AV?  Well, except for
the obvious viruses, worms and trojan horse answer, which seems
smartass, I do know.  What's the next threat going to be?  No one knows
that either.  My system is fully patched and properly secured.  Why do I
need AV?  Why do I need a firewall?  Answer: To minimize risk against
what you, or your product vendor didn't see coming, or the vulnerability
that is discovered and disclosed to the public before a patch, or other
solution was released or found.  Yes, they are both band-aid approaches,
but sometimes band-aids are all you have.  AV software, firewalls, IDS
systems, (I'm sure more could be named but I'm drawing a blank).
They're all really band-aid approaches.  If we could guarantee the
security of our systems, none of them are needed.  Unfortunately, we can
not.

I also think it's being lost that a lot of web servers are not single
admin, or a group of admin/developers posting content.  I work in
academia and know a few other colleges that use IIS to give student
space to create their own personal web page.  Many ISPs give clients
space too.  Can it honestly be said that these admins don't need to
install an AV client, or that it might be a good idea?

