Solved

security audit iis 7.0

Posted on 2014-02-15
1
189 Views
Last Modified: 2014-02-24
i have a web server and this is our first audit.
our web hosting failed a couple of tests and the recommended fixes are curious to me.

doesnt iis get its updates through regular windows updates?  the fixes for all our failures have remediation of updating secuirty on iis 7.0

but the server is totally updated...
is there an update iis only utility?
0
Comment
Question by:jamesmetcalf74
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 500 total points
ID: 39862384
Is this for pci?  are you on a shared server, cloud or dedicated?  

In the case of pci compliance, if you feel something is up to date, you can submit a written response that it is up to date.  I also noticed that I could be scanned and several quarters in a row and no changes to anything and the next scan is throwing a fit mostly over nothing.  I think the scanning companies need to prove their software is doing something.  When I contacted the provider, their answer is "our own software is continually updated...."

However, there were a few items I remember thinking they were trivial and after researching they were not.   Do your research on each item.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today I came across an interesting issue that had me pulling my hair out.  I was troubleshooting a new internal web site which uses integrated security instead of anonymous.  When browsing the site from my laptop, I was able to access it with no iss…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question