none
Windows Server 2003 Sp1 Use McAfee Secure Scan RRS feed

  • 問題

  • 各位前輩大家好:

    小弟現在有遇到一些問題,想要請教一下各位前輩是否有解法,

    我有一台Windows Ser2003 SP1 x32,

    我在他的IIS 6.0 裡上了一個WebSite,但是被McAfee的弱點偵測到有幾個Issue,

    其中分別有2個Issue我找了好久都找不到...想請教各位前輩能否指引我一條明路,

    1. Issue為 Microsoft IIS 404 Response Service Pack Signature

    說明:  The Patch level (Service Pack) of the remote IIS server appears to be lower than the current IIS service pack level. As each service pack typically contains many security patches, the server may be at risk.

    Note that this test makes assumptions of the remote patch level based on static return values (Content- Length) within a IIS Server's 404 error message. As such, the test can not be totally reliable and hould be manually confirmed. 

    Note also that, to determine IIS6 patch levels, a simple test is done ased on strict RFC 2616 compliance. It appears as if IIS6-SP1 will

    accept CR as an end-of-line marker instead of both CR and LF.

    Note: This may be a "false positive" for one of the following reasons: 

    ‧ We were unable to conclusively test for this vulnerability remotely, but based on this device's fingerprint it is possible that it exists. 

    ‧  When checking for a specific file or response we received a redirect or other response that was inconclusive.

    We suggest you manually check for its existence by confirming appropriate patches are installed or file redirections, etc. are proper. Then mark this as "Resolved" below if the vulnerability does not exist.

    解決方案:他提供我的解決方案是將IIS上到最新版的Service Pack,我到微軟的Offical 網站查了很久..IIS6.0沒有Service Pack..
    他的意思...應該不是叫我裝IIS 7吧,不知道有沒有前輩遇過這種情形,或是有其他解法??
    2. Issue為 OS Identification
    說明:Using a combination of remote probes, (TCP/IP, SMB, HTTP, NTP, SNMP, etc...) it is possible to guess the name  of the remote operating system in use, and sometimes its version.
    建議解法: Please ensure that your OS is patched and updated..在這裡我需要上哪些HotFix才可以避免弱點掃描偵  測到...在麻煩各位前輩指引我一條明路
    謝謝大家~

     

     

    2011年11月29日 上午 01:52

所有回覆

  • 您好!

    原則上所有重大更新都必須更新,有些可能是非重大更新,還是須使用手動更新,選【自訂】在選【軟體】。

     

    2011年12月22日 上午 01:21