[ISN] Free IIS Security Forensic Analysis E-Book

From: InfoSec News (isnat_private)
Date: Mon May 05 2003 - 22:22:22 PDT

  • Next message: InfoSec News: "Re: [ISN] South Korean Group Sues Microsoft Over Slammer"

    Forwarded from: "Jason Coombs" <jasoncat_private>
    
    Aloha,
    
    After a year-long effort to conduct a thorough forensic analysis of
    Internet Information Services versions 4 through 6, I've recently
    released a 400-page e-book detailing my conclusions, findings, and
    security recommendations for administrators and programmers who work
    with IIS.
    
    IIS Security and Programming Countermeasures
    http://forensics.org/jasonc/iisforensics.zip
    
    FORENSICS.ORG is a non-profit computer forensics expert witness group.
    One of our missions is to provide affordable forensics services to the
    defense in criminal and civil court cases. We hope that this forensic
    guide to IIS security will be helpful as you decide what to do about
    your legacy IIS-based applications: migrate to IIS 6 or abandon IIS
    altogether?
    
    Feedback is welcome.
    
    Sincerely,
    
    Jason Coombs
    jasoncat_private
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue May 06 2003 - 00:22:33 PDT