Http server and virus
NowSMS Support Forums > NowSMS Support - SMS Issues > Archive through January 17, 2005
Suvinay New member Username: Suvinay Post Number: 31 Registered: 07-2004

Hi Bryce,

If I enable the web interface in NowSMS, users will be able to log in and send SMSs via the web menu interface. What protections or security measures can I adopt to defend against viruses, as I will have to open the HTTP port in my firewall? The users' systems may be infected, and when they establish a connection, isn't my system at risk? Are there any safety measures pre-included in NowSMS?

Thanks
Bryce Norwood - NowSMS Support Board Administrator Username: Bryce Post Number: 3710 Registered: 10-2002

Hi Suvinay,

Viruses that attack web servers are generally designed to exploit known weaknesses in particular web servers, especially Microsoft IIS. So what you may find is that after you open the web port, you may see requests received that are attacks on IIS.

Usually, these attacks exploit "buffer overrun" problems in the server software. And as such, they are very specific to targeting specific server software, and specific versions of server software.

Basically, these viruses just keep scanning the net, sending out requests to every web server, and hoping to find one that they can infect. But these requests aren't a problem if you are running other types of server software. So if NowSMS receives one of those problem requests, it will respond back with an error. But you won't receive an infection.

The only way that you would have a problem is if someone designed an attack that specifically targeted NowSMS servers. They would have to find a vulnerability in NowSMS, and target it.

Generally speaking, as we understand the underlying cause of "buffer overrun" exploits, we're fairly confident that we don't have this type of vulnerability. However, we can't guarantee that someone won't find a vulnerability that we missed.

The good news is that the install base of NowSMS is small relative to the install base of general purpose web servers, so it is not an attractive target. And, because we have so many different versions and releases of NowSMS, this would also complicate any attempts to exploit a vulnerability.

Still, it's a good idea to use a non-standard port ... e.g., a port other than 80.

Also, for any user accounts that you define, I would encourage you to restrict the IP addresses from which you will accept connections.
Suvinay New member Username: Suvinay Post Number: 34 Registered: 07-2004
Thanks! - Suvinay |
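
A defender-side sketch of the two points in Bryce's reply, added here as an example and not NowSMS code or part of the original thread: it sorts web log lines into IIS-targeted scanner requests (noise when they received an error) and connections from outside an operator-defined IP allowlist. The log layout, addresses, paths and pattern list are constructed assumptions, not NowSMS's own log format.

```python
import ipaddress
import re

# Assumption: networks the operator accepts web-interface logins from
# (documentation address ranges, constructed for this example).
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.17/32")]

# Request shapes typical of old IIS-targeted scanning: IIS script mappings
# and FrontPage/IIS directories. A non-IIS server has nothing at these paths.
IIS_PROBE = re.compile(
    r"\.(ida|idq|printer|htr)(\?|$)|/(cmd|root)\.exe|/_vti_bin/|/msadc/", re.I)

# Constructed sample lines: "client_ip method path status" (hypothetical layout).
SAMPLE_LOG = """\
203.0.113.9 GET /default.ida?XXXXXXXX 404
203.0.113.40 GET /scripts/root.exe?/c+dir 404
192.0.2.25 GET /send?to=placeholder 200
203.0.113.77 GET / 401
198.51.100.17 POST /send 200
203.0.113.9 GET /_vti_bin/shtml.exe 200
"""

def classify(line):
    """Label one log line for triage."""
    ip, _method, path, status = line.split()
    if IIS_PROBE.search(path):
        # An error reply means the probe found nothing; any other status
        # deserves a look at what the server actually returned.
        return "iis-probe-noise" if status[0] in "45" else "iis-probe-review"
    if not any(ipaddress.ip_address(ip) in net for net in ALLOWED_NETS):
        return "outside-allowlist"
    return "expected"

def triage(log_text):
    """Count labels over a whole log."""
    counts = {}
    for line in log_text.splitlines():
        if line.strip():
            label = classify(line)
            counts[label] = counts.get(label, 0) + 1
    return counts

if __name__ == "__main__":
    for label, n in sorted(triage(SAMPLE_LOG).items()):
        print(f"{label}: {n}")
```

Lines labelled `outside-allowlist` are the ones the IP restriction on user accounts would reject; `iis-probe-review` flags a probe path that did not get an error status.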