Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

security audit iis 7.0

Posted on 2014-02-15
1
Medium Priority
?
193 Views
Last Modified: 2014-02-24
i have a web server and this is our first audit.
our web hosting failed a couple of tests and the recommended fixes are curious to me.

doesnt iis get its updates through regular windows updates?  the fixes for all our failures have remediation of updating secuirty on iis 7.0

but the server is totally updated...
is there an update iis only utility?
0
Comment
Question by:jamesmetcalf74
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 2000 total points
ID: 39862384
Is this for pci?  are you on a shared server, cloud or dedicated?  

In the case of pci compliance, if you feel something is up to date, you can submit a written response that it is up to date.  I also noticed that I could be scanned and several quarters in a row and no changes to anything and the next scan is throwing a fit mostly over nothing.  I think the scanning companies need to prove their software is doing something.  When I contacted the provider, their answer is "our own software is continually updated...."

However, there were a few items I remember thinking they were trivial and after researching they were not.   Do your research on each item.
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today I came across an interesting issue that had me pulling my hair out.  I was troubleshooting a new internal web site which uses integrated security instead of anonymous.  When browsing the site from my laptop, I was able to access it with no iss…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question