Microsoft's Internet Information Services (IIS) Web server has
presented enterprises with more than its share of security problems
over the years, including the infamous Code Red worm nearly a decade
ago. A key security concern with IIS has always been the number of
features that are automatically installed and enabled by default,
such as scripting and virtual directories, many of which proved
vulnerable to exploit and led to major security incidents.
With the release of IIS 6 a few years ago, a "lockdown by default"
approach was introduced with several features either not being
installed or installed but disabled by default. IIS 7, the newest
iteration, goes even further.
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment