New NetIQ Security Module Provides Real-Time Protection

NetIQ Corp. announced it has made available a new module that in real time identifies the security holes in the e-commerce and e-banking sites running Windows NT and immediately prevents the hacker from exploiting them.

The solution is available to NetIQ Security Manager users as a new ActiveKnowledge module downloadable from NetIQ’s Web site.

The FBI recently released information about a series of economic extortion attacks that have already hit more than 40 e-banking and e-commerce sites running Windows NT. There are three vulnerabilities that comprise the attack. The first allows hackers to access the IIS server. Once access has been established, the second vulnerability involves the modification of certain registry keys and code that on restart allows the hackers to disable key security measures. The third allows unauthorized actions to be taken on the SQL or MSDE database.

Unique features of the Security Manager module that help stop the attack include its ability to detect the attack in real time and to take immediate automated action to stop the attack before security is compromised. For example, Security Manager monitors the IIS and SQL logs in real time and detects when someone attempts to utilize the IIS or SQL server exploit. Upon seeing the identifying signature, Security Manager launches an automated response to automatically block the attacking host’s IP address to that server. In addition, Security Manager identifies file signatures left behind in attacks. This allows IT personnel to take appropriate action if an attack has already occurred.

Contact NetIQ, (408) 856-3000,

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

  • Microsoft Suggests Disabling Old Protocols with Exchange Server 2019

    Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.

  • Microsoft Previews New Edge Browser on Windows 7 and Windows 8.1

    Microsoft announced this week that it has released previews of its Chromium-based Microsoft Edge Web browsers for use on Windows 7, Windows 8 and Windows 8.1 systems.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.