Hardening servers is usually focused on keeping the bad guys out. But with the recent rapid fire release of serious exploitable problems in IE, server security needs to also include a renewed commitment to keeping administrators from browsing the net with IE. In classes and lecture, I tell people to block port 80 outbound from IIS server either using IPSEC, ICF (for SP1 on Windows Server 2003), or your firewall. Many smaller shops, however, permit admins to browse with IE in order to pull down patches from Windows Update or utilities as required. Keeping to well known sites is a good thing, but there's no assuarance that everyone will be so well behaved that has access to the server.
http://www.theregister.co.uk/2004/11/02/web_security_survey_scansafe/ states "Internet Explorer exploits posed the fastest growing web security threat to enterprises in the last quarter, according to web security services firm ScanSafe. The top exploit (Exploit.HTML.Mht) was used to attack twice as many businesses as any other web security threat in Q2 2004."
So, tighten up those servers and keep an eye on your client systems. All these problems with client side phishing combined with IE vulnerabilities make web filtering systems a lot more attractive.
-brett
End of Article
In a word: Firefox 1.0
http://www.mozilla.org
Anonymous User November 17, 2004 (Article Rating: )
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
Order Your Fundamentals CD Today! Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Empower Your Processes with PowerShell 201 Paul Robichaux delves deep into PowerShell how-tos in 3 informative lessons, each followed by live Q&A—all on your own computer! Register today!
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
New Release: Windows IT Pro Master CD 13 years of content archives, fast answers with advanced search tools, and full access to WindowsITPro.com—order today!
Register
http://www.mozilla.org
Anonymous User November 17, 2004 (Article Rating: