Adding ASP.NET to IIS5 security concerns

From: Dimitrie (dimitrie.agafitei_at_verizon.net)
Date: 09/25/03

Next message: Johan Normén: "Servervariables("logon_user") returns empty string"
Previous message: George Durzi: "Re: Stumped on FormsAuth Cookie Timing Out"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 25 Sep 2003 11:32:05 -0400

I would like to install the DOTNET 1.1 FRMWRK on a production machine (IIS5
Win2k). It runs ASP and it's locked down with the IIS 2.1 LockDown Tool and
a bunch of few other tweaks. The intent is to start porting old ASP scripts
to ASPX. No web services intended.

By simply installing the framework and not running any ASPX scripts is the
machine still secure? Do I have to take any further steps to lock down the
server?

Can anyone point me to a Securing IIS5 and .NET guide or whitepapers?
Or if you can briefly advise me on the steps it would be great.

Thanks,
Dimitrie

Next message: Johan Normén: "Servervariables("logon_user") returns empty string"
Previous message: George Durzi: "Re: Stumped on FormsAuth Cookie Timing Out"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

IIS with DOTNET 1.1
... I would like to install the DOTNET 1.1 FRMWRK on a production machine (IIS5 ... The intent is to start porting old ASP scripts ... Can anyone point me to a Securing IIS5 and .NET guide or whitepapers? ...
(microsoft.public.inetserver.iis.security)
IIS with DOTNET 1.1
... I would like to install the DOTNET 1.1 FRMWRK on a production machine (IIS5 ... The intent is to start porting old ASP scripts ... Can anyone point me to a Securing IIS5 and .NET guide or whitepapers? ...
(microsoft.public.inetserver.iis.security)
Adding ASP.NET to IIS5 security concerns
... I would like to install the DOTNET 1.1 FRMWRK on a production machine (IIS5 ... The intent is to start porting old ASP scripts ... Can anyone point me to a Securing IIS5 and .NET guide or whitepapers? ...
(microsoft.public.dotnet.framework.aspnet.security)
RE: Running IIS locally - advice?
... If it is going to be used for local access only the apache ... The ASP compatibility can be provided by eg. Sun Chilisofts ... >>locally to laptops. ... >>2) Install a personal Firewall, ...
(Focus-Microsoft)
Re: How to get IIS5 functional again
... IIS5 was reinstalled and fully patched and everything (asp, ... IIS lockdown was run. ... (note that IIS Lockdown, as reported in the report window, shows that the two IIS related accounts ...
(microsoft.public.security)