Carrell Jackson the Web developer for Alexander Rocco Corpor

Carrell Jackson, the Web developer for Alexander Rocco Corporation, has informed you that Microsoft IIS 6.0 is used for the company’s Web site. He’s proud of the direction the Web site is taking and says it has more than 1000 hits per week. Customers can reserve hotel rooms, schedule tee times for golf courses, and make reservations at any of the facility’s many restaurants. Customers can enter their credit card information and receive confirmations via e-mail. Based on this information, write a memo to Mr. Jackson listing any technical cybersecurity alerts or known vulnerabilities of IIS 6.0. If you find vulnerabil- ities, your memo should include recommendations and be written in a way that doesn’t generate fear or uncertainty but encourages prudent decision making.

Solution

When attacking Web sites, script kiddies go for an easy kill. They look for common activities. Here is a list of some of the top vulnerabilities found in Web sites running on Microsoft\'s Internet Information Server (IIS). Some of the vulnerabilities, such as open ports, are not particular to IIS. Both CERT and CIAC are exceptional sources on the latest vulnerabilities that are disturbing Web sites.

Be careful that your network and system should not be vulnerable to the attackers by keeping your covers up to date. Microsoft Baseline Security Analyzer is a security hotfix of Microsoft scans the networks for the vulnerable points. You may also want to ponder upgrading your IIS installation to IIS 6.0, which offers vividly increased security over previous versions. I explained how to protect a Web site from these and other vulnerabilities.

Some of the known Vulnerabilities in IIS6.0 are given below

Default installs of operating system and applications:

Many users fail to gain what an installation program really installs on their machine. Windows and IIS both install superfluous services and dangerous samples. The unpatched services, sample programs and code deliver means for attacking a Web site.

Accounts with weak or nonexistent passwords:

IIS 6.0 uses several built-in or default accounts. Attackers usually look for these accounts. They should be recognized and changed if not removed from the system.

Large number of open ports:

Every visitor, good or bad, connects to a site and system via an open port. By default, Windows and IIS ship with extra ports open than are required to function properly. It is significant to keep the minimum number of ports open on a system. Close all other ports.

Unicode vulnerability (Web Server Folder Traversal):

By sending an IIS server a prudently created URL containing an inacceptable Unicode sequence, an attacker can easily bypass the normal IIS security checks and force the server to literally \"walk up and out\" of a directory and execute random scripts.

Microsoft Server Message Block (SMB) vulnerability:

The Server Message will Block the Protocol used by the Windows to share files and printers and to communicate between computers. A hacker\'s SMB server can influence that ability to execute arbitrary code on a client with \"SYSTEM\" privileges.

Windows License Logging Service overflow:

By sending a specially formatted message to a Web server running the License Logging Service, an attacker can exploit an unimpeded buffer. This can cause the service to fail, creating an opening for the hacker to execute code on the server with \"SYSTEM\" privileges.

By evading these with some technical issues with resolving techniques we can use this even more ultimately.

Some of the references can be say like:

When you monitor your application servers to maintain a baseline of performance data, you can see performance trends as they develop, take steps to prevent unacceptable performance, decide how to best tune or upgrade your servers, and determine whether your changes are advantageous. By tuning your Internet Information Services (IIS) version 6.0 application servers, you improve the client experience, help avoid blocks, and can encompass the interval between hardware upgrades

Upgrade the L2catche:

When you add or upgrade processors, select processors with a large secondary (L2) cache. Server applications, such as IIS, gain from a large processor cache because their instruction paths involve numerous dissimilar components. A large processor cache (2 MB or more if external, up to the maximum obtainable if on the CPU chip) is recommended to improve performance on active servers running IIS 6.0