On Wed, 9 Aug 2000, Marc Maiffret wrote:
> Firewalls will not help you at all in protecting an IIS server. The only
> thing they will do is help protect the rest of your network when your IIS
> server gets broken into.
>
Some firewall that are smart enough to block certain URLs may help you
after the vulnerability is public. Similiar to how people put in procmail
filters to stop new mail worms. This is something that may be more under
the direct control of a firewall admin or security guy, while they get out
the big stick and hunt down the webserver admins.
This puts the burder of protection on the firewall rather than putting
real security in at the servers, but that's kinda why firewalls exist
anyway.
Ryan
_______________________________________________
Firewall-wizards mailing list
Firewall-wizards_at_nfr.net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Received on Aug 11 2000
Intro
