[Dshield] How do you prepare for or fight against a DDOS?
jholmblad at aol.com
Tue Feb 17 00:14:13 GMT 2004
Microsoft has recently updated the Microsoft Baseline Security Analyzer
(MBSA) which incorporates the hfnetcheck tool from Shavlik The MBSA
tool is a free download and it has been recently updated to version 1.2:
An earlier post on this list today by Paul Marsh on this subject is
Sorry about that, the caffeine had not set in yet.
The problem with SUS is exactly that the limitations stated my MS.
Back when I was testing it you could not push SP's, only hot fixes.
I don't know if they have fixed this limitation or not? Why go halfway
another tool when you could go all the way with one tool HFNetChk.
SUS was designed and created by Shavlik for MS, MS just chooses to use
a watered down version. Don't get me wrong, it's a good tool but it
has a way too go. I just don't feel comfortable waiting.
SMS is a good product but very cumbersome and pricy.
Here is some helpful advice directly from Microsoft on the subject of
If you are running IIS 4.X - 5.X you should also run the IIS lockdown
wizard which also incorporates a tool called urlscan (actually urlscan
is a .dll), which implements an ISAPI filter on the url's of incoming
requests to IIS against a configurable filter list. On the Windows
Server 2003 family which ships with IIS 6.0, the IIS lockdown wizard is
built in. Here is the URL to a Microsoft KB article on the IIS lockdown
and here is the URL to a Microsoft KB article on urlscan:
(H) 703 620 0672
(M) 703 407 2278
(F) 703 620 5388
www page: www.vtext.com/users/jholmblad
primary email address: jholmblad at aol.com
backup email address: jholmblad at verizon.net
text email address: jholmblad at vtext.com
More information about the list