|
Posted by Mathieu CHATEAU on September 13, 2007, 12:40 pm
Please log in for more thread options Hello,
i wouldn't go so straight...
Web servers can be protected by isa reverse proxy, so there won't be any
direct tcp connection.
They may be more protected through:
-renamed admin account with strong password
-netbios disabled if possible
-no direct connection to outside
-pass the MBSA test at least
-Remove default website
-hisec gpo template
-disable unused service (remote registry...)
-never surf from these servers
--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com
> steve.riley@microsoft.com says...
>> I've never been a big fan of AV on web servers, unless users can upload
>> files there.
>
> Symantec Corporate Edition for Workstations and Servers 10.x, works
> fine, and has protected them from more crap that were on poorly
> protected servers that were abused via exploits.
>
> If it's windows it need AV protection if it's got any exposure to
> external access by any means.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)
| 
XML Sitemap