OSEC

 
From: Christoph Puppe (puppe_at_hisolutions.com)
Date: Wed Sep 25 2002 - 04:17:29 CDT


    zeno wrote:
    > Does anyone know of a gui windows tool that scans your system and provides you with a list
    > of needed patches, and then allows you to select, and have it autodownload and install them?
    > I can't seem to find one (needed mostly for iis).

    Try the IIS Lockdown Tool, removes most extensions (htw, idq et al.) and
    even more important, removes the execute permission from command line
    tools which are commonly used by attackers (cmd, tftp, ...).

    Remember to re-run it after installing a SP!

    It installs URLScan as well, but this seems to be a little flask of
    snake oil, because it checks URLs before they go into the deeper layers
    of the IIS (remember the first 3 Patches for the double-encoding and
    Unicode Vulns!).

    Remember to scan your hosts often (like once a week) with a security
    scanner, for example Nessus.org or IIS or Lanscan from GFI.

    -- 
    Best regards,
    Christoph Puppe
    

    We secure your business.(TM)
    HiSolutions AG
    Bouchestrasse 12, D-12435 Berlin
    phone: +49 30 533289-0
    fax: +49 30 533289-99
    www: http://www.HiSolutions.com/


    ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
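
Added example, not part of the original post and not URLScan's actual logic: a sketch of the layering concern raised in the reply, where a front filter that percent-decodes a URL once can disagree with a deeper layer that decodes again. The function names, the deny-list and the sample paths are constructed for illustration.

```python
from urllib.parse import unquote

# Constructed deny-list for the demo: path traversal and backslash separators.
BLOCKED = ("..", "\\")

def single_pass_filter(raw_path: str) -> bool:
    """Hypothetical front filter: decode once, then look for blocked tokens.
    Returns True when the request would be let through."""
    decoded = unquote(raw_path)
    return not any(tok in decoded for tok in BLOCKED)

def canonicalize(raw_path: str, max_rounds: int = 5) -> str:
    """Decode until the string stops changing, as a deeper layer that decodes
    again would eventually see it. Refuses absurdly nested encodings."""
    current = raw_path
    for _ in range(max_rounds):
        nxt = unquote(current)
        if nxt == current:
            return current
        current = nxt
    raise ValueError("too many encoding layers")

def canonical_filter(raw_path: str) -> bool:
    """Stricter check: reject any path whose single-decoded form is not
    already canonical, then apply the deny-list to the canonical form."""
    try:
        canon = canonicalize(raw_path)
    except ValueError:
        return False
    if unquote(raw_path) != canon:  # more than one encoding layer present
        return False
    return not any(tok in canon for tok in BLOCKED)

if __name__ == "__main__":
    samples = [  # constructed request paths
        "/default.htm",
        "/docs/a%20b.htm",
        "/scripts/%2e%2e%5cadmin/tool.exe",        # single-encoded
        "/scripts/%252e%252e%255cadmin/tool.exe",  # double-encoded
    ]
    for p in samples:
        print(f"{p!r}: single-pass allows={single_pass_filter(p)}, "
              f"canonical allows={canonical_filter(p)}")
```

The double-encoded sample passes the single-pass check but is rejected once the path is decoded to a fixed point, which is why the check has to agree with how the final layer interprets the URL.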