NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: [FW1] WebSite being Hacked!!!




the Cerberus scanner do a good job of scanning your system
but then it email the whole list of your system vulnerablities to
some email address

Beware ????

-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of Reed
Mohn, Anders
Sent: Thursday, May 31, 2001 3:30 AM
To: 'Felix'; Fw-1-Mailinglist
Subject: RE: [FW1] WebSite being Hacked!!!




1.
You don't. However, if you have set up your FW rule base
properly, a port scan is not a problem. Remember that the only
thing an intruder will get out of a port scan, is a list of ports
and IP's that you have (purposely, or not) allowed access to.
Your rule base should only allow access to the ports and IPs necessary.
Everything else should be blocked by default.


2.
First and foremost, you tighten the security on your web-server.
Read all the MS security bulletins on IIS vulnerabilities.
(www.microsoft.com/security)
Install patches, and make configuration changes, as required
by the bulletins. Check out places like www.cert.org for
details on possible threats.
Also, run Patchwork (http://grc.com/pw/patchwork.htm)
and the Cerberus Internet Scanner (http://www.cerberus-infosec.co.uk/)
to check for any holes in your NT server and IIS, that you might want to
plug.
That should keep you reasonably safe.

3.
You can have a look here:
http://www.rtek2000.com/Tech/InternetSecureLinks.html#ids
This should lead you to all the info you need.

Cheers,
Anders :)



> -----Original Message-----
> From: Felix [mailto:[email protected]]
> Sent: 30. mai 2001 16:52
> To: Fw-1-Mailinglist
> Subject: [FW1] WebSite being Hacked!!!
>
>
>
> Hi, all:
>
>    one of my web server (IIS4.0 on NT 4.0 SP6a) which is
> behind my FW1-4.1
> sp3 has been hacked.
> I think the hacker used script via IE explorer to hack it.
>   My questions are:
> 1. How to prevent from ports scanning through Internet.
> 2. How to prevent from being hacked through port 80.
> 3. How can I enable the Intruder Detect system (not only ip spoofing)
>
> Thanx!
>
>
>
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.