A recent Gartner Group report recommends that businesses that must provide a Web presence should look for a different solution than one based upon Windows products, since patches must be applied almost weekly to correct bugs and security lapses.
With the emergence of the Nimda worm, which has meant another harmful attack on Microsoft’s Internet Information Server (IIS) and other software, the research group recommends that businesses with Web applications begin looking into less vulnerable Web server products. The Nimda worm can spread through e-mail, file sharing and Web site downloads.
The Gartner Group, with over 700 analysts worldwide, offers business and technology intelligence and research. In an online CNET column, “Commentary: Another worm, more patches,” John Pescatore, Gartner analyst, said that as a “rollup worm,” Nimda bundles several known exploits against Microsoft’s IIS, Internet Explorer browser and operating systems such as Windows 2000 and Windows XP, which have IIS and IE embedded in their code. And, as Code Red has previously shown, it’s not that hard to attack IIS Web servers.
“Thus, securely using Internet-exposed IIS Web servers has a high cost of ownership,” Pescatore said. “Businesses using Microsoft’s IIS Web server software have to update every IIS server with every Microsoft security patch that comes out — almost weekly. However, Nimda has again shown the high risk of using IIS and the effort involved in keeping up with Microsoft’s frequent security patches.”
The Gartner Group recommends that businesses hit by both Code Red and Nimda immediately investigate alternatives to IIS, including moving Web applications to Web server software from other vendors such as iPlanet and Apache. Although those Web servers have required some security patches, they have much better security records than IIS and are not under active attack by the vast number of virus and worm writers, Pescatore said. Gartner remains concerned that viruses and worms will continue to attack IIS until Microsoft has released a completely rewritten release of IIS that is thoroughly and publicly tested.
Apache is a powerful, flexible, HTTP/1.1-compliant Web server known for its stability. It’s highly configurable and can be extended with third-party modules. Apache is the world’s most popular Web server, powering more than 60 percent of Internet domains, according to Netcraft’s June 2001 Web Server Survey. Mac OS X has a Web Sharing feature that offers a fully functional installation of the Apache Web server.
“Sufficient operational testing should follow to ensure that the initial wave of security vulnerabilities every software product experiences has been uncovered and fixed,” Pescatore said. “This move should include any Microsoft .Net Web service that requires the use of IIS. Gartner believes that this rewriting will probably not occur before the end of 2002.”
Ken Goff of MacEssentials specializes in software development and systems consulting, in particular the AccountMaster line of products for several different vertical markets. Goff knows of an institution that has experienced this situation. In Worthington, MN, a city with a population of approximately 20,000, the school system has been moving to an all-Wintel solution. At the time this change began, the usual rationale was given for consolidating on a single platform, but that policy has now come back to haunt them.
Because of the recent PC viruses, computers running all flavors of Windows have become disabled. No one at that school has been able or even allowed to use the computers for several days.
“What makes this situation particularly difficult is that, in an effort to save money on paper costs, all daily communication from the school administration is normally being done through e-mail,” Goff said. “And, of course, teachers in the system have become accustomed to using computer technology for daily record keeping and other vital functions. Some of that record keeping must be done via the Internet. Again, all computer usage has been stopped due to the susceptibility of their computers which run upon Microsoft Windows products.”