Re: SecureIIS and IIS 6
From: Joris Dobbelsteen (joris.dobbelsteen_at_mail.com)
Date: 10/15/04
- Next message: Use.Netuser.de: "Re: Kerio 4"
- Previous message: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Network Security Assessment", Chris McNab"
- In reply to: DJ: "SecureIIS and IIS 6"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 15 Oct 2004 20:51:39 +0200
Drop it,
Just harden your server according to Microsoft guidelines and install
UrlScan.
Don't forget to set up the File System permissions correctly.
Enable logging (and take a look at them every once in a while).
In IIS setup proper security policies to allow anonymous and authenticated
access. Enable what appropriate, don't forget to keep BASIC authentication
disabled.
That should give a good start.
And in the process, don't forget to give your accounts good passwords,
create a policy to enforce it and disable the guest account.
This makes the server as a whole much more reliable, as the foundation is
hardened, not a single aspect of the system. Of course a decent firewall
should be installed.
- Joris
"DJ" <dj19@email.si> wrote in message
news:AOtbd.4249$F6.1189679@news.siol.net...
> Hello!
>
> Like subject says, i'm running IIS 6 HTTP Server and i want apply eeye
> SecureIIS for intruder preventions. But when I would to run it (click on
> "Arm Site Security") and when IIS restart, just become that message:
> "Could not Arm SecureIIS Module"
>
> Does enyone know what could be wrong?
>
> Please help me!
>
> Geets
> Tnx
> D
- Next message: Use.Netuser.de: "Re: Kerio 4"
- Previous message: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Network Security Assessment", Chris McNab"
- In reply to: DJ: "SecureIIS and IIS 6"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
