The Security Guide Security Guide RSS Feed


Internet and Data Security Knowledgebase

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 


URLScan To provide defense in depth, URLScan, with customized templates for each supported server role, is integrated into the IIS Lockdown Wizard.
URLScan is an Internet Server Application Programming Interface (ISAPI) filter that screens and analyzes Hypertext Transfer Protocol (HTTP) requests as IIS receives them.
Unresolved domains hijacking If a user types in a hostname which does not exist, for example by mistyping, then the DNS server is supposed to return a special message saying it does not exist, and your browser displays the usual "server not found".
However, some ISPs have started to see an income potential there, and instead hijack these DNS queries and send their users to their search page, with ads.
Usability When you install an application on any operating system, you enable additional functionality, which may make the system less secure because it increases the attack surface of the system.
You can make technology more secure but, by doing so, you will probably make the technology less usable.
The most secure system is one that is disconnected and locked in a safe. Such a system is secure, but not usable.
User Rights These settings specify users or groups that have logon rights or privileges.

© RuleWorks - All Rights Reserved - Policy -