Fast Relief From Your IIS Patching Migraine
Once again, folks running Microsoft IIS were greeted with a notification
a few days ago that a high-risk vulnerability was detected in their
software and attackers could penetrate their systems and gain complete
"Wednesday, June 12, 2002 - Microsoft acknowledged a serious flaw in
its Internet server software that could allow sophisticated hackers
to seize control of websites, steal information and use vulnerable
computers to attack others online"
While these types of announcements no longer get much media attention
because they have become so frequent, they are still critical issues
that affect IT administrators globally...and drive us insane with
worries about being vulnerable to an exploit if we fail to patch
The problem of security and patch vulnerability does not mean that MS's
IIS software is BAD and should be avoided as a solution. Quite the
contrary, it is very feature-rich and is a common choice for admins.
In fact, Microsoft IIS runs about one third of all websites in the
world. The issue becomes one of adding a competent layer of security
to properly protect IIS from potential attacks. That way, even if
we don't have time to immediately install the Microsoft patch or we
are not alerted right away, we remain protected and IIS is safeguarded.
Vendors sometimes assume that, as admins, we can just take our systems
offline and quickly implement patches without issue. However, testing
and installing a patch properly in any organization (especially in
enterprises) is quite involved and takes time. Most importantly, we
need to always test the patch to make certain that it doesn't adversely
affect other components of our mission-critical systems. Finally,
propagating patches out to all affected systems creates even more
lag time in which our organizations remain vulnerable. Being exposed
for weeks, days, or even minutes is irrelevant in Internet time. The
fact that our servers are exposed for even one second is unacceptable.
The good news, there is a simple answer to IIS vulnerabilities:
The SecureIIS? Application Firewall
In a nutshell, Microsoft IIS was created to be a feature-rich app.
SecureIIS was developed by eEye Digital Security to specifically
address IIS security deficiencies and protect servers from attack.
eEye is the leading authority on IIS vulnerability research and
their SecureIIS is the critical proactive security layer that guards
IIS ? even when you don?t have time to patch your systems right away
(or while Microsoft takes several weeks to create a fix for a newly
eEye just released version 2.0 of SecureIIS this past week and it is
the definitive answer to small and large organizations that have IIS
web servers deployed. The new version of SecureIIS installs in minutes,
boasts an incredibly easy-to-use interface, and was developed to
accommodate enterprise-level customers seeking to centrally manage
their web servers' security. eEye knows IIS security inside out;
they discovered the Code Red vulnerability last year and 90% of all
IIS vulnerabilities in the past 2 years. No other vendor comes close
to their knowledge and ability to protect IIS customers from attack...
So, if you are running IIS and tired of worrying about exposure to
old, new, and unknown vulnerabilities, get relief today from SecureIIS
Application Firewall. A 10-minute online demo of SecureIIS in addition
to a free trial download is available from our website at:
Real-time Auditing and Content Management of Email
Sunbelt has been providing the CAMEO product for a long time. It was
recently acquired, improved and renamed to Content Auditor. Here is the
new version. Content Management for Exchange managers and admins just
became a whole lot easier. On June 17, IntelliReach released Content
Auditor and Content Inspector, two products created to help you audit,
scan, and better control email content both historically and in real-
Content Auditor for Exchange provides you with real-time monitoring of
inbound, outbound, and internal email. Content Auditor continuously
scans the content of emails flowing through the Exchange messaging. The
product can search for over 200 definable words and phrases and can
scan hundreds of messages per minute. Content Auditor can continuously
scan messages for specific message content or conduct complete Inbox
scanning. This product can scan hundreds of messages per minute, searching
for over 200 definable words and phrases.
A variety of actions can be taken when Content Auditor detects the presence
of content that meets the search criteria, including automatic deletion
of non-compliant messages, user notification of messages matching searched
criteria, and forwarding of messages and attachments to a holding inbox.
Content Inspector for Exchange is a powerful email content policy product
that gives you complete control over all users' mailboxes. Content Inspector
provides organizations with the ability to search the entire Exchange
Information Store, including all users' folders (Inbox, Deleted Items,
Sent Items, Calendar, Notes, etc.) Like Content Auditor, it can search
for direct matches to words or phrases. Content Inspector also includes
expanded search options for attachments, the ability to search mailboxes
by date, and an added option to conduct exhaustive searches of all message
and text fields. Eval on the Sunbelt website at:
Free Vulnerability Scanning Tool to Combat Apache Bug
eEye Digital Security has announced a freeware utility that allows you
to quickly scan your networks for any systems vulnerable to the recent
Chunked Encoding" exposure found in default versions of Apache HTTP Server.
An exploit for this vulnerability has been developed and the risk to servers
worldwide could be substantial. To prevent unnecessary damage to networks,
IT administrators are urged to identify vulnerable systems and correct
the issue immediately via instructions provided on the eEye website.
"eEye is dedicated to helping the IT community stay secure. This free tool
will allow administrators to scan systems for any vulnerable Apache web
servers that need to be patched and guide them through fixing the problem
immediately," stated Marc Maiffret, Chief Hacking Officer of eEye Digital
Security. "We developed this free utility in the past few days and based
the technology off of our popular commercial scanner, Retina®." Customers
that need to scan larger networks, a broader-range of systems, and
comprehensively detect vulnerabilities beyond the Apache chunked encoding
issue can use Retina Network Security Scanner. The freeware tool may be
downloaded directly from the Sunbelt website in the "Retina WhitePapers"
PestPatrol Fills Unmet Corporate Security Need
PestPatrol fills an unmet need in corporate security. The software works
much like an anti-virus product but instead of looking for viruses, PestPatrol
searches out hacker tools, trojans, spyware, and agents that create backdoors
for hackers - which can be far more damaging to companies than viruses.
"PestPatrol is the only software available today that finds this combination
of threats from inside and outside the organization," said Robert C. Bales,
CEO PestPatrol, Inc."
The National Software Testing Laboratory (NSTL) recently conducted a
comparative analysis of PestPatrol along with twelve leading anti-virus
and anti-trojan products. Of the 13 products tested, PestPatrol was by
far the most effective tool for detecting pests both overall and in each
individual category. NSTL's test showed that PestPatrol detected 86% of
the pests in the sample database. Trend Micro's PC-Cillin 2000 came in a
distant second, finding only 55%, and both Norton AntiVirus and McAfee
detected less than 50%.
PestPatrol is a member of Check Point Software Technology's OPSEC
alliance, and has applied for certification.
"Now, more than ever, security is a major concern for businesses of all
sizes. I believe the technology that PestPatrol delivers is critical to
the integrity of today's corporate computing environment," said Blair
Mohn, Director and PestPatrol, Inc. lead investor. "The threats it uncovers
can create backdoors that bypass existing security and compromise networks.
Corporate networks will be subjected to an endless series of increasingly
sophisticated attacks. This in turn will be followed by the development
of anti-attack software. First there was anti-virus software, then firewalls
and more recently, intrusion detection software. Now additional anti-hacker
tools are needed. Eval over at:
Relax, Your Information Security Policies Are Already Written!
Get INFORMATION SECURITY POLICIES MADE EASY V8 now for only $595! This
is the most comprehensive security policy reference tool on the market
offering 1100+ already-written security policies in print and on CD that
can be quickly customized to meet your company's needs. These ready-to-use,
definitive security policies cover the latest threats and technologies
including HIPAA and GLBA regulations. Also check out "Information Roles &
Responsibilities Made Easy", offering sample infosec job descriptions,
mission statements and more. Check 'em out here: