Product Reviews
Adding a Line of Defense
Flicks Titan shores up your IIS security
With all the IIS security problems we've been seeing lately, you'd naturally
expect some software vendors to release products to fight them. Flicks
Software has released Titan, which is aimed at helping you add another
level of defense to your Web server.
According to the company's Web site, Titan protects Microsoft IIS Web
servers from known and unknown attacks. It wraps around IIS and works
within it, verifying and analyzing incoming Web server data for security
breaches.
The download and install were fairly standard and uneventful. As the
instructions said, I disabled my Internet services before running the
setup routine. Toward the end of setup, the program asked me if I wanted
it to restart my services; when everything was done, all services were
restarted. Total install time: two minutes.
Titan is implemented as an ISAPI filter and, by default, is installed
at the computer level so settings apply to all Web sites on the server.
Configuration is straightforward via a simple Windows-style configuration
screen:
The program gives you enough options to configure it to do most anything
you want and even lets you add custom query strings, which it'll then
block. How the program responds when a request is denied is configurable
as well. You can type in a message, pull it from a file, include an explanation,
or even redirect to another URL.
The tests I ran consisted mostly of throwing different things at Titan
and seeing if it let them through or not. The things I tossed at it were
derived mainly from the log files on my test machine. This machine had
been hit by Nimda and a number of variations of requests, including a
lot of attempts to get at cmd.exe using .. to go up the directory tree
and \ - the physical directory delimiter.
The default settings apparently worked pretty well and stopped most of
the requests. I already had URLScan installed, and it also was logging
and preventing the still-present Nimda attacks. (When will people stop
putting unpatched IIS servers on the Net?)
 |
| Flicks Titan gives you enough options to configure
it to do most anything you want. |
The setup program didn't seem as polished as many commercial programs
on the market. It's on par with most ASP component install routines; once
installed, Titan seemed to work like a charm. If you're experiencing many
of these types of attacks or are worried about future ones, this product
can be used with other methods to help increase your server's layers of
defense.
While this isn't the "cure all" to your Web server security issues, Titan
can be can worthwhile investment, assuming the worm type you're trying
to prevent can be filtered.
About the Author
Andy Barkl, MCT/MCITP/MCSA, A+, Network+, Security+, CCNA has been studying technology for 30 years. Of the last 15 years, he has spent much of his time parting the knowledge and experience he has gained through IT exams, over 300, to help others be prepared and successful. He teaches classes in Phoenix, Ariz. where he has lived most of his life. He can be reached by e-mail at [email protected].