D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] PHP, Perl, server securing, etc.

 

On 24/06/10 12:34, Simon Waters wrote:
Aaron Trevena wrote:
a) Quite a few "windows" of vulnerability for IIS/SQL Server/ASP/etc
where servers or system software are shipped with unpatched
vulnerabilities and you needed to keep your server behind a firewall
blocking all services for hours or days until all the service packs
and patches have been applied (at some points in the last few years
tests have demonstrated a standard Windows Server install with no 3rd
party software being compromised within **minutes** of being plugged
into the internet)
My boss recently demonstrated this with W2KSP4 CD.

Installing Windows 2000 with a slipstream CD that included service pack
4 on a box exposed to the Internet (not clever, but he was just testing
if someone else's virtual server supports relevant aspects of W2K for a
legacy application) and by the time it loaded the latest Microsoft
Malware removal tool it had already been infected with something nasty,
so he had to redo it all after adding a virtual firewall to the virtual
server. Hardly news but it does make the point.

I had that with a w2k re-install - I can only assume that someone inside MS has put a trojan on the CD - there's no way you can just find a fresh install and infect it without the install alerting you!
Tom te tom te tom

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html