Silicon Shecky

IT World has a nice little article which gives some tools to help protect those running IIS 6.0 and earlier from the latest exploit. The fun thing is that they are both free tools from Microsoft that basically shut down the WebDAV protocol.

Microsoft has acknowledged the problem, but has not said if or when a patch for it will be available. Windows 2000 servers are more at risk from this vulnerability since WebDAV is turned on by default, in contrast to Windows 2003 where WebDAV is turned off by default.

So, there you have it. Go get the tools and lock it down.

This week the big RSA Security Conference is going on in San Francisco. For those that don’t know what it is I suggest taking a look a the conference website to get more info overall.

There have been some interesting Keynote addresses that I plan on checking out online when I have time, but in the spirit of time I came across an interesting announcement from Symantec.

Symantec has acquired Security Vendor MI5, and this could be both good and bad. MI5 makes appliances that do some of the things that say a Barracuda appliance does, Web Security and the like. Symantec on the other hand, was once one of the best AV companies out there. I say once, because I know a lot of people had gotten turned off by their more recent offerings.

Now I am not going to bash Symantec’s AV stuff, especially considering that with their new CEO, they seem to be working on making their product better. I’m hearing reports that the new versions of their AV and Endpoint products are less resource intense, and work much better. Plus they are bringing back the Norton Utility line to where it should have always been.

What has me worried about them acquiring MI5 and assimilating it, is what has happened with BackupExec. When Symantec bought Veritas and got its hands on BE, it seemed like it could be a good thing. Unfortunately, BE has basically stagnated under Symantec’s rule, the online support for the latest versions is almost non-existent, and they have yet to make it to handle removable SSD (solid state drives) in an easy fashion. I hope to god that they don’t do the same sort of thing with MI5.