IIS Feature Feedback
ROLL-BACK SYSTEM- (RBSystem)
Last post Feb 06, 2017 04:24 AM by Yazz idE
Feb 06, 2017 04:24 AM|Yazz idE|LINK
I'm Yaser from India.I certificated in MCSA (ID F466-4560) . I'm working on IIS Server. In the real world, so many web attacks are undergoing now.In my experience, I realized that, if the website attacked, administrator suffering to get
back the original website mode, many times the administrator saying that they need hours of time to back the website in original web mode. this time, users and customers can't get any scene from websites
basically, I'm security engineer , I found a solution for this, we are going to bring a
NEW FEATURE ON OUR IIS SERVER . It's called "ROLL-BACK SYSTEM"
Its feature called ROLL-BACK SYSTEM (RB System ), I'm going to explain a demo of my idea
Every login time we are going to create the one exact 'RB Sys backup' of the website.
Normal case !
Administrator updated the web content
Attacker compromised login information and enter to the console, the attacker changed web content and they modified the websites and collected the information
The users and customers going to see the websites. It's made the huge problem. Admin trying to back original mode,by normal case Administrator taking more than hours. its time the company website is not available to users,customers
or any other people.
Well then our RB System going to apply here!
Administrator updated the web content ( RB Sys backup files created )
Attacker disclose login information and enter to the console, the attacker changed web content and they modified the websites (
RB Sys backup files created )
10. 40 AM
Admin login and try to back original content the website
Here totally we created the 2 'RB Sys backup' Admin wanna use our feature to backup the web content (what on 10:30 AM ). “
But it's need one more third party authentication “ (our new authentication console for this project ) to access our "Roll-back system"
then admin succeed the authentication process. By a single click the 'Roll back system' special backup file going to up , ( need seconds only ) next second every users and customer can watch our website normally ...
1 New security feature implemented on IIS
2 No longer time, only second need to back the original state
3 Roll back system’s database is not on their local system
4 Administration simplified
5 Maintain Separate Authentication mode ( locally or Globally )
6 Attacker wants to one more authentication process to touch our RB Systems
7 Default only two 'RB sys backup' maintain
1. We need to maintain separate authentication process ( all detail documented )
Every Aspect of the project is documented here! If you guys interested, i will explain you each module separately.