|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: FTP on IIS servers
From: Gene R. Gomez (ggomez
VERANCE.COM)Date: Fri Sep 22 2000 - 15:08:02 CDT
- Next message: Marc Maiffret: "Re: Wingate from deerfield.com"
- Previous message: H Carvey: "Re: how to detect password sniffing trojans ?"
- Maybe in reply to: John Phillips: "FTP on IIS servers"
- Next in thread: Henry Sieff: "Re: FTP on IIS servers"
- Maybe reply: Gene R. Gomez: "Re: FTP on IIS servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Best reason not to have it: You don't need it. Basic security training
says "disable all unused or unneeded services."
Going to the weak link in the chain analogy, the more more links you have,
the better the chance SOMETHING is going to give. Besides, it's pretty much
guaranteed that someone else knows something you don't. You give them less
things to know more than you on, and it makes their job much harder if they
want to make your life difficult.
-Gene
-----Original Message-----
From: John Phillips [mailto:wi_phillyHOTMAIL.COM]
Sent: Thursday, September 21, 2000 6:49 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: FTP on IIS servers
Hello,
I am looking for any reason not to have FTP on an IIS
server other than the lear text. Are there any other
holes created because of FTP being installed? What
about also having FP Extentions?
Thank You in Advance,
John
- Next message: Marc Maiffret: "Re: Wingate from deerfield.com"
- Previous message: H Carvey: "Re: how to detect password sniffing trojans ?"
- Maybe in reply to: John Phillips: "FTP on IIS servers"
- Next in thread: Henry Sieff: "Re: FTP on IIS servers"
- Maybe reply: Gene R. Gomez: "Re: FTP on IIS servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]