IIS Exploits and Hardening:

Hi all, I'm just wondering if anyone has any good resources on checking for IIS exploits (ethical hacking) so I can look at hardening any boxes which may be vulnerable. Ideally, a guide to checking for the latest and past exploits would be useful.

I must state this is purely an ethical in-house test and not that I am looking to abuse any other site.

Any info or help appreciated.
 
Nessus is a good choice and has a fairly extensive collection of known vulnerability signatures included. Run it against the IIS box and check the generated report.

If you have corporate budget backing, invest in something better like Core Impact, SAINT or Nessus Professional.

List of IIS CVEs: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=IIS

Basically if you patch everything up and follow good security practices across the box there should be no problem.
 
Nessus will do what you are after.

As long as your boxes are fully patched you should be ok.

Bigger issue would be the application you are running on IIS.
 