Carrell Jackson, the Web developer for Alexander Rocco Corporation, has informed you that
Microsoft IIS 6.0 is used for the company’s Web site. He’s proud of the direction the Web site is
taking and says it has more than 1000 hits per week. Customers can reserve hotel rooms,
schedule tee times for golf courses, and make reservations at any of the facility’s many
restaurants. Customers can enter their credit card information and receive confirmations via e-
mail. Based on this information, write a memo to Mr. Jackson listing any technical cybersecurity
alerts or known vulnerabilities of IIS 6.0. If you find vulnerabil- ities, your memo should include
recommendations and be written in a way that doesn’t generate fear or uncertainty but
encourages prudent decision making.
Solution
When attacking Web sites, script kiddies go for an easy kill. They look for common activities.
Here is a list of some of the top vulnerabilities found in Web sites running on Microsoft\'s
Internet Information Server (IIS). Some of the vulnerabilities, such as open ports, are not
particular to IIS. Both CERT and CIAC are exceptional sources on the latest vulnerabilities that
are disturbing Web sites.
Be careful that your network and system should not be vulnerable to the attackers by keeping
your covers up to date. Microsoft Baseline Security Analyzer is a security hotfix of Microsoft
scans the networks for the vulnerable points. You may also want to ponder upgrading your IIS
installation to IIS 6.0, which offers vividly increased security over previous versions. I explained
how to protect a Web site from these and other vulnerabilities.
Some of the known Vulnerabilities in IIS6.0 are given below
Default installs of operating system and applications:
Many users fail to gain what an installation program really installs on their machine. Windows
and IIS both install superfluous services and dangerous samples. The unpatched services, sample
programs and code deliver means for attacking a Web site.
Accounts with weak or nonexistent passwords:
IIS 6.0 uses several built-in or default accounts. Attackers usually look for these accounts. They
should be recognized and changed if not removed from the system.
Large number of open ports:
Every visitor, good or bad, connects to a site and system via an open port. By default, Windows
and IIS ship with extra ports open than are required to function properly. It is significant to keep
the minimum number of ports open on a system. Close all other ports.
Unicode vulnerability (Web Server Folder Traversal):
By sending an IIS server a prudently created URL containing an inacceptable Unicode sequence,
an attacker can easily bypass the normal IIS security checks and force the server to literally
\"walk up and out\" of a directory and execute random scripts.
Microsoft Server Message Block (SMB) vulnerability:
The Server Message will Block the Protocol used by the Windows to share files and printers and
to communicate between computers. A hac.
Carrell Jackson, the Web developer for Alexander Rocco Corporation, .pdf
1. Carrell Jackson, the Web developer for Alexander Rocco Corporation, has informed you that
Microsoft IIS 6.0 is used for the company’s Web site. He’s proud of the direction the Web site is
taking and says it has more than 1000 hits per week. Customers can reserve hotel rooms,
schedule tee times for golf courses, and make reservations at any of the facility’s many
restaurants. Customers can enter their credit card information and receive confirmations via e-
mail. Based on this information, write a memo to Mr. Jackson listing any technical cybersecurity
alerts or known vulnerabilities of IIS 6.0. If you find vulnerabil- ities, your memo should include
recommendations and be written in a way that doesn’t generate fear or uncertainty but
encourages prudent decision making.
Solution
When attacking Web sites, script kiddies go for an easy kill. They look for common activities.
Here is a list of some of the top vulnerabilities found in Web sites running on Microsoft's
Internet Information Server (IIS). Some of the vulnerabilities, such as open ports, are not
particular to IIS. Both CERT and CIAC are exceptional sources on the latest vulnerabilities that
are disturbing Web sites.
Be careful that your network and system should not be vulnerable to the attackers by keeping
your covers up to date. Microsoft Baseline Security Analyzer is a security hotfix of Microsoft
scans the networks for the vulnerable points. You may also want to ponder upgrading your IIS
installation to IIS 6.0, which offers vividly increased security over previous versions. I explained
how to protect a Web site from these and other vulnerabilities.
Some of the known Vulnerabilities in IIS6.0 are given below
Default installs of operating system and applications:
Many users fail to gain what an installation program really installs on their machine. Windows
and IIS both install superfluous services and dangerous samples. The unpatched services, sample
programs and code deliver means for attacking a Web site.
Accounts with weak or nonexistent passwords:
IIS 6.0 uses several built-in or default accounts. Attackers usually look for these accounts. They
should be recognized and changed if not removed from the system.
Large number of open ports:
Every visitor, good or bad, connects to a site and system via an open port. By default, Windows
and IIS ship with extra ports open than are required to function properly. It is significant to keep
the minimum number of ports open on a system. Close all other ports.
Unicode vulnerability (Web Server Folder Traversal):
2. By sending an IIS server a prudently created URL containing an inacceptable Unicode sequence,
an attacker can easily bypass the normal IIS security checks and force the server to literally
"walk up and out" of a directory and execute random scripts.
Microsoft Server Message Block (SMB) vulnerability:
The Server Message will Block the Protocol used by the Windows to share files and printers and
to communicate between computers. A hacker's SMB server can influence that ability to execute
arbitrary code on a client with "SYSTEM" privileges.
Windows License Logging Service overflow:
By sending a specially formatted message to a Web server running the License Logging Service,
an attacker can exploit an unimpeded buffer. This can cause the service to fail, creating an
opening for the hacker to execute code on the server with "SYSTEM" privileges.
By evading these with some technical issues with resolving techniques we can use this even
more ultimately.
Some of the references can be say like:
When you monitor your application servers to maintain a baseline of performance data, you can
see performance trends as they develop, take steps to prevent unacceptable performance, decide
how to best tune or upgrade your servers, and determine whether your changes are advantageous.
By tuning your Internet Information Services (IIS) version 6.0 application servers, you improve
the client experience, help avoid blocks, and can encompass the interval between hardware
upgrades
Upgrade the L2catche:
When you add or upgrade processors, select processors with a large secondary (L2) cache.
Server applications, such as IIS, gain from a large processor cache because their instruction paths
involve numerous dissimilar components. A large processor cache (2 MB or more if external, up
to the maximum obtainable if on the CPU chip) is recommended to improve performance on
active servers running IIS 6.0
