[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Code Red: What security specialist don't mention in war nings
Title: RE: [FW1] Code Red: What security specialist don't mention in warnings Hi to all.... >>Patching IIS, >>Dropping all outgoing packets from IIS Servers in the DMZ, >>Using any alternative Web Server to IIS... These are all good solutions.... But lem'me ask u sthg: Why don't u use CP FW' s security server? (Checking with resource...) For example, if Code Red is the case, Why don't u put a rule above all the http-related rules such as; Source Dest. Service Action
And the http->with resource service will be defined as a New Resource ---- URI; URI: Connection Methods:Transparent, Proxy (perhaps not so nec. but doesn't give any headache at least...)
Save everythg, and install.... It should be noted that since mostly *.ida is useless, this rule presumably shouldn't harm any Web-Server-based applications...
|