Microsoft (finally) tries to make IIS secure
Print story'Lockdown Wizard' enforces safe serving
Posted in Software, 4th October 2001 09:34 GMT
Understand how application security is evolving
We used to think it would take an act of Congress, but Microsoft has taken the initiative and released a free tool which will set up IIS with tight settings and crucial patches from day one, shifting the emphasis from come-and-get-me-k11d13z 'functionality' to something approaching decent security.
One may download the software or arrange to have an installation CD delivered free to their door, assuming they have a Passport and are actually willing to lard it with accurate information.
"The Security Tool Kit will contain the current service packs, all critical security patches for Windows NT 4.0 and Windows 2000, Internet Information Server and Internet Explorer, and a security tool that will tie back to the Windows Update site and ensure that any late-breaking patches also are installed," the company explains.
It only took Code Red and Nimda to accomplish this. Never let it be said that Redmond doesn't respond swiftly to repeated, gross humiliations.
The company is also offering free tech support for security issues. US residents may ring toll-free on 1-866-727-2338 for virus and security information. ®
Related Link
Get the goods
Solving on-premise email challenges with on-demand services
The business case for application security
Airport insecurity: the case of lost laptops
The best practices guide for application security
Impact of the dramatic increase in devices on the cost to support
Google code cloud punts on-demand embarrassment
Microsoft weighs next-phase in open-source support
iTunes minus the player: hack your Apple beats
Oracle plans cloud strategy