Gartner: Drop Microsoft IIS now
Nalani & Ray Leonard
leonardr002 at hawaii.rr.com
Wed Sep 26 00:51:13 PDT 2001
For those of us who prefer more secure open source web servers such as
Apache:
http://www.zdnet.com/zdnn/stories/news/0,4586,2814546,00.html?chkpt=zdnn_rt_
latest
--------------------------------------------------------------
This story was printed from ZDNN ,
located at http://www.zdnet.com/zdnn .
--------------------------------------------------------------
Gartner: Drop Microsoft IIS now
By Wendy McAuliffe, ZDNet (UK)
September 25, 2001 5:14 AM PT
URL:
Research group Gartner is warning enterprises to "immediately"
replace their Microsoft Internet Information Server (IIS) server
software with a more secure server application, following attacks
on IIS by the worms Code Red and Nimda.
Last week, mass-mailing computer worm Nimda was released into the
wild. It combined elements of the Web-based Code Red virus and
attacked the same buffer-overflow vulnerability in Microsoft's IIS
software. The trend confirms that IIS has become a popular target
for hackers, and Gartner is recommending that companies affected
by both worms should look at moving their Web applications to a
more secure platform.
"Using Internet-exposed IIS Web servers securely has a high cost
of ownership," states the Gartner report. "Nimda has again shown
the high risk of using IIS and the effort involved in keeping up
with Microsoft's frequent security patches."
Some antivirus experts are dismissing the Gartner warnings as
"knee-jerk" and "unnecessary". Graham Cluley, senior technology
consultant at security firm Sophos, is concerned that a mass move
to alternative Web server software would cause more disruption
than sticking with Microsoft IIS and patching it. "Code Red was
less about the vulnerability of IIS, as all software has bugs, but
more about system administrators ignoring the warnings that came
well in advance of Code Red," said Cluley.
According to Gartner, iPlanet and Apache offer advisable
alternatives to Microsoft's server software. "Although these Web
servers have required some security patches, they have much better
security records than IIS and are not under active attack by the
vast number of virus and worm writers," the report says.
The analysts predict that it might be late next year before the
server software is safer for corporations. "Gartner remains
concerned that viruses and worms will continue to attack IIS until
Microsoft has released a completely rewritten, thoroughly and
publicly tested, new release of IIS."
The attempt to rank vendors according to their security success
rate is a risky business. The aim of most virus writers is usually
for their worm to achieve its biggest impact, and so will target
platforms that are widely used. "Microsoft is targetted as it is
so popular, rather than the system being the least secure," said
Cluley.
"There are few viruses for the Macintosh in comparison to the PC,
as the hacker will be going for the most popular platform," he
pointed out.
More information about the LUAU
mailing list