Last post Nov 04, 2011 01:13 PM by narenderrawal007
Nov 04, 2011 12:53 PM|narenderrawal007|LINK
Is there any threat from outside to company domain if I install an IIS on my local machine within an intranet environment. I just need to host a simple application on my machine. Only people within organization will be accessing it. Will it pose any security
threat to the domain ?
I have been told that if I install IIS on my local system it will prone to all sorts of issues Remote Code Execution, Buffer Overflow. Please advice.
Nov 04, 2011 12:58 PM|bbcompent1|LINK
If and only if your organization doesn't use a firewall and if that's the case, your domain is already open to everything under the sun. If this app is for internal use only, logic would dictate that being behind the firewall the outside can't get to internal
IP Addresses because they are not NATable (network address translation) unless you put that machine on what is called the DMZ (demilitarized zone) which would permit outside access.
Nov 04, 2011 01:02 PM|bbcompent1|LINK
Also, if they aren't using any type of firewall, then everyone on your network is at risk. The firewall only allows in what you tell it to and most machines these days now have a built-in firewall that adds an extra layer of protection too :) Plus antivirus
programs are constantly watching for threats. I would suggest go to
www.securitytango.com and use their tools to check the level of security on that system.
Nov 04, 2011 01:13 PM|narenderrawal007|LINK
Thank you very much for your prompt reply. It is an intranet app which all employees will be using it within domain. I hope there is not much outside threat to it.