Re: How to Maintain an IIS Server?
From: Stephen Pak (asiats@hotmail.com)
Date: 11/06/02
- Next message: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Previous message: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- In reply to: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Next in thread: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Reply: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Reply: Karl Levinson [x y] mvp: "Re: How to Maintain an IIS Server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Stephen Pak" <asiats@hotmail.com> Date: Tue, 5 Nov 2002 18:26:19 -0800
I looked at the Microsoft Security Website.
I understand that there are a lot of information available there.
Actually, I am particular interested in how to prevent worms (e.g.
Nimda/Code Red/anything else). What anti-virus program is the best for IIS
server running on a Windows 2000 server.
Also, what is the best procedures to restore the IIS server once it is
hacked by someone. Or, I should ask what is the best way to backup the
server. Any software or product is good for backup/restore (automatically
backup) the entire site or even the computer.
Thank you for your help!
Stephen
"Ken Schaefer" <kenRMV@THISadOpenStatic.com> wrote in message
news:eToUpYThCHA.2288@tkmsftngp12...
> Have you looked at the resources on the Microsoft Security website? They
> have whitepapers, checklists, tools etc. You need to look at what your
risks
> are, and then implement/use the appropriate checklists/hardware/tools.
>
> Security is about "risk management", and so "secure" for you might not be
> "secure" for me because I face different risks to you. If you can define
> what security risks you face, then we could comment on what you need to
do.
>
> Also, in addition to securing the IIS server, make sure you secure your
ASP
> application that's running on it (eg against SQL Injection attacks, and
> Cross Site Scripting vulnerabilities etc):
> eg
> http://www.nextgenss.com/papers/advanced_sql_injection.pdf
>
> Cheers
> Ken
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Stephen Pak" <asiats@hotmail.com> wrote in message
> news:uLx7oRThCHA.1712@tkmsftngp11...
> > Hi everyone,
> >
> >
> >
> > I have one "simple" (maybe) question for you. I hope you could help me
or
> > other people.
> >
> >
> >
> > Could you please share your experiences on how to maintain IIS 5.0
server
> > running on a Windows 2000 server machine?
> >
> >
> >
> > As you know, IIS has so many potential vulnerabilities. We need to keep
> > up-to-date all the patches as well as the possible worms (e.g. Code
> > Red/Nimda). I understand that we can tight the security by setting up
the
> > firewall or account (user) restrictions. Also, we can use the MBSA or
IIS
> > Lockdown Tool to protect our servers. However, is there a way to make
the
> > server more secure?
> >
> >
> >
> > Just say.If I want to have an IIS server open to public. What are the
> > things I need to be aware of? Could you please share your experiences
on
> > how to admin your server (if you have one) daily?
> >
> >
> >
> > The reason for me to use an IIS server is that I need to use ASP code to
> > implement an online database system. So.I guess I have to stick with
the
> > IIS server.
> >
> >
> >
> > Thank you,
> >
> >
> >
> > Stephen
> >
> >
>
>
- Next message: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Previous message: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- In reply to: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Next in thread: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Reply: Ken Schaefer: "Re: How to Maintain an IIS Server?"
- Reply: Karl Levinson [x y] mvp: "Re: How to Maintain an IIS Server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
