Windows Server 2003 and URL Scan

My company converted to McAfee server scans and it is flagging an event

Windows Server 2003 (Service Pack 2)  5182  Microsoft Internet Information Services Remote DoS   Microsoft Internet Information Services contains a vulnerability that may allow for remote denial-of-service attacks.   High      Microsoft Internet Information Server (IIS) is an industry-standard Web server for the Windows platform.

Microsoft Internet Information Services contains a vulnerability that may allow for remote denial-of-service attacks. A specially crafted request sent to the server may render it unresponsive."      CVE-2007-2897       "McAfee is currently unaware of a vendor-supplied patch or update (07/16/2013).

To mitigate the impact of this vulnerability, URLScan can be configured to filter URL requests that cause the denial of service. http://www.iis.net/downloads/microsoft/urlscan

I am wondering what impact this will have on my server if I add it.  It's an old server and I would hate to mess it up but I think they are going to force me to install it.
Asked by: kdschool
 
David Johnson, CD, MVP (Owner) commented:
Have you run the Microsoft Baseline Security Analyzer (MBSA)? http://www.microsoft.com/en-ca/download/confirmation.aspx?id=7558
0
 
Miguel Angel Perez Muñoz commented:
Any app increases CPU and RAM usage; that depends on how many clients your webserver has. If your server has 1 connection per hour, URLScan will not work the same as if you have 2k connections.

Best practice recommends doing a lab test before the live environment; you can clone your webserver and run it on a virtual machine for testing purposes.
0
 
David Johnson, CD, MVP (Owner) commented:
You should have installed URLScan a long time ago. It has minimal impact and prevents a lot of attacks, including SQL injection attacks. URLScan is a recommended best practice as defined by Microsoft.
0
 
kdschool (Author) commented:
When I install it, will the default have any impact on who can access the site, or will that only be impacted if I add URLs to be restricted? I am not clear on how it works.
0
 
kdschool (Author) commented:
It looks like they have already addressed this with automatic updates?  This is a really old hardware server with very little memory left.  We are currently migrating to a new server so if I don't have to add anything at this point I think I would be better off.  Is this the right article for this item?

https://technet.microsoft.com/library/security/ms10-065
0
 
kdschool (Author) commented:
This is a 32 bit server when I go to this page it's saying.  Will this work on a 32 bit OS?

MBSASetup-x64-EN.msi
0
 
kdschool (Author) commented:
Never mind, I found the x86 version. Will let you know when I install it.
0
 
kdschool (Author) commented:
I ran this and scanned the server. It says everything is good, no security updates missing, and did not flag anything under vulnerabilities. Everything checked out OK.
0
Question has a verified solution.
