Return-Path: <sentto-279987-2353-1001459860-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 25 Sep 2001 16:21:12 -0700 (PDT) Received: (qmail 7907 invoked by uid 510); 25 Sep 2001 23:19:00 -0000 Received: from n8.groups.yahoo.com (216.115.96.58) by 204.181.12.215 with SMTP; 25 Sep 2001 23:19:00 -0000 X-eGroups-Return: sentto-279987-2353-1001459860-fc=all.net@returns.onelist.com Received: from [10.1.1.221] by fk.egroups.com with NNFMP; 25 Sep 2001 23:18:41 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 25 Sep 2001 23:17:40 -0000 Received: (qmail 41268 invoked from network); 25 Sep 2001 23:17:40 -0000 Received: from unknown (10.1.10.142) by 10.1.1.221 with QMQP; 25 Sep 2001 23:17:40 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 25 Sep 2001 23:18:40 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id QAA03562 for iwar@onelist.com; Tue, 25 Sep 2001 16:18:40 -0700 Message-Id: <200109252318.QAA03562@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 25 Sep 2001 16:18:40 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Gartner:.Drop.Microsoft.IIS.now] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Gartner: Drop Microsoft IIS now By Wendy McAuliffe, ZDNet, 9/25/01 <a href="http://www.zdnet.com/zdnn/stories/news/0,4586,2814546,00.html?chkpt=zdnnt092501ts">http://www.zdnet.com/zdnn/stories/news/0,4586,2814546,00.html?chkpt=zdnnt092501ts> Research group Gartner is warning enterprises to "immediately" replace their Microsoft Internet Information Server (IIS) server software with a more secure server application, following attacks on IIS by the worms Code Red and Nimda. Last week, mass-mailing computer worm Nimda was released into the wild. It combined elements of the Web-based Code Red virus and attacked the same buffer-overflow vulnerability in Microsoft's IIS software. The trend confirms that IIS has become a popular target for hackers, and Gartner is recommending that companies affected by both worms should look at moving their Web applications to a more secure platform. "Using Internet-exposed IIS Web servers securely has a high cost of ownership," states the Gartner report. "Nimda has again shown the high risk of using IIS and the effort involved in keeping up with Microsoft's frequent security patches." Some antivirus experts are dismissing the Gartner warnings as "knee-jerk" and "unnecessary". Graham Cluley, senior technology consultant at security firm Sophos, is concerned that a mass move to alternative Web server software would cause more disruption than sticking with Microsoft IIS and patching it. "Code Red was less about the vulnerability of IIS, as all software has bugs, but more about system administrators ignoring the warnings that came well in advance of Code Red," said Cluley. According to Gartner, iPlanet and Apache offer advisable alternatives to Microsoft's server software. "Although these Web servers have required some security patches, they have much better security records than IIS and are not under active attack by the vast number of virus and worm writers," the report says. The analysts predict that it might be late next year before the server software is safer for corporations. "Gartner remains concerned that viruses and worms will continue to attack IIS until Microsoft has released a completely rewritten, thoroughly and publicly tested, new release of IIS." The attempt to rank vendors according to their security success rate is a risky business. The aim of most virus writers is usually for their worm to achieve its biggest impact, and so will target platforms that are widely used. "Microsoft is targetted as it is so popular, rather than the system being the least secure," said Cluley. "There are few viruses for the Macintosh in comparison to the PC, as the hacker will be going for the most popular platform," he pointed out. Microsoft officials were not immediately available to comment on the report. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/XrFcOC/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:49 PDT