This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Securing old web server IIS6

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Securing old web server IIS6

Fido
L0 Member

‎04-18-2022 02:30 AM - edited ‎04-18-2022 02:35 AM

Hello,

 

We are solving a case of an IIS6.1 vulnerability on an old Windows 2008 R2 SP1 system. Microsoft no longer has support for Windows update. The customer cannot migrate to the newer system yet.
Would Cortex XDR be able to secure IIS v6.1 web server vulnerabilities?

 

Thanks!

0 Likes Likes
4 REPLIES 4

KanwarSingh01
L3 Networker

‎04-19-2022 05:57 PM

@Fido Practically I think you should take defense in depth approach here and not just rely on Cortex XDR.

 

> Ring fence server i.e. make sure you lock it down into its own network.

> Monitor logons and expose what is required to the internet if a public facing internet.

> Enable IPS system for network traffic. (Test first by enabling IDS before IPS)

 

Apart from above, you should be able to get prevention on post exploitation activity with Cortex for un-known threats and as well for known threat.

Example: A command interpreter process such as cmd.exe or powershell.exe spawn from w3wp.exe

You can also create your own detection which can help you detect threats related to your environment.

 

What version of Cortex XDR are you looking to install?

Kind Regards
KS
0 Likes Likes

eluis
L4 Transporter
In response to KanwarSingh01

‎04-19-2022 11:12 PM

Hi @Fido 

I agree with what @KanwarSingh01  suggests. 

You could develop some use cases and implement them through your own correlation rules, BIOCs, .... You could even ingest logs from your  IIS6.1 with Cortex XDR Collectors or Filebeat, parse them on XDR and from there you can be creative on what are your defensive goals (from which threats do you want to protect your web server) 

 

KR, 

Luis 

0 Likes Likes

Fido
L0 Member

‎04-20-2022 12:22 AM

Thanks guys for the feedback.
@KanwarSingh01  We want to install Cortex XDR 7.7

0 Likes Likes

KanwarSingh01
L3 Networker
In response to Fido

‎04-21-2022 03:37 PM

You should be good here.

Kind Regards
KS
0 Likes Likes
  • 2746 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks