Auditing microsoft IIS 5/6.0

What do you think should be checked when audition MS IIS 5/6.0 installation? Any tips would be helpful.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • Re: WinXP - Private SSL certificate cannot install?
    ... Next the Adminsamples in XP Pro is ... > Have removed and re-installed the certificate and also> replaced with another certificate without improvement. ... I> uninstalled and re-installed IIS hoping that it was a> faulty installation, but the directory is still missing. ...
    (microsoft.public.inetserver.iis.security)
  • Re: WIN2000 and IIS
    ... Subject: WIN2000 and IIS ... Fresh install of Windows 2000 Advanced Server onto a 5gig clean NTFS ... During installation, ... Services Proxy as the component. ...
    (Bugtraq)
  • Re: WIN2000 and IIS
    ... Subject: WIN2000 and IIS ... Fresh install of Windows 2000 Advanced Server onto a 5gig clean NTFS ... During installation, ... Services Proxy as the component. ...
    (Focus-Microsoft)
  • RE: IIS
    ... I believe that once the source code is open source, ... Subject: IIS ... are a myriad of options to hardening an IIS box than just patches. ... worked with many and would answer this with, the system is as secure as the ...
    (Security-Basics)
  • Re: How to secure IIS?
    ... XP as well, because even if you don't install IIS, there are still a number ... If you think Windows 98 is secure, ... easy to attack, if there's no firewall... ... IIS security checklists] 3) install firewall and antivirus, ...
    (microsoft.public.inetserver.iis.security)