1 / 18

Module 6: Patches and Security Updates

Module 6: Patches and Security Updates. Overview. Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches and security updates for Apache Recent patches and security updates for some other web server (TBD). Installing Patches and Security Upates.

marisa
Download Presentation

Module 6: Patches and Security Updates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 6: Patches and Security Updates

  2. Overview • Installing Patches and Security Updates • Recent patches and security updates for IIS • Recent patches and security updates for Apache • Recent patches and security updates for some other web server (TBD)

  3. Installing Patches and Security Upates

  4. Installing Patches and Security Updates

  5. Installing Patches and Security Updates • MS10-019 • MS10-020 • MS10-025 • MS10-026 • MS10-027 • MS10-021

  6. Installing Patches and Security Updates IIS 5.0 is the version installed by default on W2K computers. If you have SP4 for W2K (and you should), these are the patches that you need to apply to your computer: • 327696 MS02-062 • 321599 MS02-028 • 319733 MS02-018

  7. Other IIS Patching Tools You should also look at the IIS Lockdown Tool and URLScan which are valuable tools for "anti-IIS" activity protection: • URLScan Security Tool (v2.5) • IIS Lockdown Tool (v2.1)

  8. IIS 5.1 Required Patches • IIS 5.1 is the version available on Windows XP computers. Although it is not installed by default on XP Pro computers, it's still a big security concern. • This patch is a cumulative patch that includes the functionality of all security patches released for IIS 5.1 since Windows XP Service Pack 1: • 327696 MS02-062: • 321599 MS02-028: • 319733 MS02-018:

  9. Improved Patch Management • No service interruption while installing patches. • Auto Update. • Windows Update Corporate Edition. • Resource Free DLLs.

  10.  Options to Obtain Security Updates

  11. Security update Deployment

  12. Vulnerability Rating

  13. Recent patches and security updates for IIS

  14. Security updates • Deny resource access by default and only allow resource functionality as desired. • Log all web requests as they help identify suspicious activity. • Subscribe to the Apache Server Announcement mailing list which can send updates, patches and security fixes.

  15. Recent patches and security updates for Apache

  16. Security updates • Disable default services such as FTP and SMTP unless you need them. • Disable the directory browsing function unless it is required as it allows visitors to see which files are running on your system. • Disable any FrontPage Server Extensions that are not being used.

  17. Recent patches and security updates for OWS

More Related