WatchGuard App Locks Out Hackers

Businesses with servers running Microsoft Windows NT or 2000 and Internet Information Services are getting used to frequent warnings about new security vulnerabilities. Web servers with NT account for 54.5% of all Web-site defacements reported to Attrition.org, which tracks security breaches.

To help keep attackers away from those vulnerable servers, security vendor WatchGuard Technologies Inc. last week introduced AppLock/Web. By clicking on a "Lock the Server" button, users can lock down the operating system, IIS application, and Web-site content, and ensure that no changes are made to content or user privileges until AppLock/Web is unlocked.

Because AppLock/Web shuts down access to the IIS application, modification or deletion of important system files, directory, and registry content isn't possible. The same is true for Web-page content, CGI-BIN scripts, WAV, and MP3 files, the company says. AppLock/Web autodiscovers more than 200 known file extensions for protection.

The Boston Architectural Center, an architecture and interior design college, has successfully tested AppLock/ Web, says Arthur Bright, a network and system administrator for the school. The center plans to deploy the software on a ColdFusion server that holds the school's online course database.

Users with Web pages that are frequently or automatically updated will find that AppLock adds another step to administration. It needs to be shut off before users can perform Web-site content updates. IT managers also can stop AppLock from protecting certain pages of content, but WatchGuard strongly advises against this option because it lowers the overall protection of the site.

AppLock/Web is available now for $595, which includes a year of electronic technical support and software updates.