IIS4 - IUSR accout security
From: Jeff Tate (jtate@scientific-evidence.nonspam.com)
Date: 06/13/02
- Next message: Paul Norris: "Does SSL have to apply to all sites on a server?"
- Previous message: SvS: "Re: Websites getting hacked"
- Next in thread: x y: "Re: IIS4 - IUSR accout security"
- Reply: x y: "Re: IIS4 - IUSR accout security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jeff Tate" <jtate@scientific-evidence.nonspam.com> Date: Thu, 13 Jun 2002 10:17:59 -0700
Are there any good recommendations/best practices
regarding the IUSR and IWAM accounts for IIS4? Allowing
these accounts the "Logon locally" and network access
privledges doesn't sit totally well with me. If it must
be, the so be it. But, I'd like to know how best to secure
these accounts.
Some questions:
What groups MUST they be in?
Any settings that could be used to reduce the hazards
these two accounts seem to present?
Is renaming the accounts a good Idea?
Thanks
Jeff Tate
- Next message: Paul Norris: "Does SSL have to apply to all sites on a server?"
- Previous message: SvS: "Re: Websites getting hacked"
- Next in thread: x y: "Re: IIS4 - IUSR accout security"
- Reply: x y: "Re: IIS4 - IUSR accout security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
