Product Reviews

Adding a Line of Defense

Flicks Titan shores up your IIS security

• By Andy Barkl
• 10/01/2002

According to the company's Web site, Titan protects Microsoft IIS Web servers from known and unknown attacks. It wraps around IIS and works within it, verifying and analyzing incoming Web server data for security breaches.

The download and install were fairly standard and uneventful. As the instructions said, I disabled my Internet services before running the setup routine. Toward the end of setup, the program asked me if I wanted it to restart my services; when everything was done, all services were restarted. Total install time: two minutes.

Titan is implemented as an ISAPI filter and, by default, is installed at the computer level so settings apply to all Web sites on the server. Configuration is straightforward via a simple Windows-style configuration screen:

The program gives you enough options to configure it to do most anything you want and even lets you add custom query strings, which it'll then block. How the program responds when a request is denied is configurable as well. You can type in a message, pull it from a file, include an explanation, or even redirect to another URL.

The tests I ran consisted mostly of throwing different things at Titan and seeing if it let them through or not. The things I tossed at it were derived mainly from the log files on my test machine. This machine had been hit by Nimda and a number of variations of requests, including a lot of attempts to get at cmd.exe using .. to go up the directory tree and \ - the physical directory delimiter.

The default settings apparently worked pretty well and stopped most of the requests. I already had URLScan installed, and it also was logging and preventing the still-present Nimda attacks. (When will people stop putting unpatched IIS servers on the Net?)

Flicks Titan gives you enough options to configure it to do most anything you want.

The setup program didn't seem as polished as many commercial programs on the market. It's on par with most ASP component install routines; once installed, Titan seemed to work like a charm. If you're experiencing many of these types of attacks or are worried about future ones, this product can be used with other methods to help increase your server's layers of defense.

While this isn't the "cure all" to your Web server security issues, Titan can be can worthwhile investment, assuming the worm type you're trying to prevent can be filtered.