Re: Newest of newbies needs to know basics

From: x y, mvp (levinson_k@despammed.com)
Date: 02/27/03


From: "x y, mvp" <levinson_k@despammed.com>
Date: Thu, 27 Feb 2003 07:26:01 -0500


Patches are not the only think you need... you also should consider running
through hardening checklists for configuring Windows and IIS, disabling
unnecessary services especially unnecessary parts of IIS, installing
URLScan, etc. etc. Start with this:

http://securityadmin.info/faq.htm#harden

"Steve Dondley" <stevedondley@attbi.com> wrote in message
news:yti7a.252713$iG3.29675@sccrnsc02...
> Hi,
>
> I've got a IIS running XP on my home computer to serve web pages on the
net.
> Though everything works, I'm worried that it's totally vulnerable. One
> indication that my security it hosed is that I can log onto a virtual web
> with FrontPage and I don't need to type in a username and password. I
tried
> in vain to figure out how to set the username and password for the
> directories in my wwwroot folder. I know nothing about directory
> permissions in Windows or IIS security in general. I'm more of a
programmer
> than an sys admin.
>
> So I need a crash course in securing my machine. Can someone give me a
few
> basics steps I should take? Anyone know of any good resources on the net
> where I can bone up on IIS security?
>
> Thanks.
>
>
>



Relevant Pages

  • Newest of newbies needs to know basics
    ... I've got a IIS running XP on my home computer to serve web pages on the net. ... with FrontPage and I don't need to type in a username and password. ... permissions in Windows or IIS security in general. ...
    (microsoft.public.inetserver.iis.security)
  • Re: CDO MAPI ERROR - possibly IIS security issue
    ... > knows if this could be an IIS security issue. ... Office XP installed with Outlook and CDO option checked ... > Windows 2000 server where is will eventually be deployed. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Username/Password protect a file: now I cant download it at all
    ... There is a news group for IIS security where you may also want to post. ... below on IIS authentication. ... anonymous permissions activated) I can't download the file. ...
    (microsoft.public.win2000.security)
  • Re: Newest of newbies needs to know basics
    ... WindowsUpdate don't track every patches. ... > I've got a IIS running XP on my home computer to serve web pages on the ... > with FrontPage and I don't need to type in a username and password. ... > permissions in Windows or IIS security in general. ...
    (microsoft.public.inetserver.iis.security)
  • Re: CMI error after installing the latest QFEs
    ... IIS security is not major issue here, ... needs to look closer at what is interacting between these updates. ... "Paul Mair" wrote: ... > If I then install Q8411114 I get the problem that the IIS common Lib ...
    (microsoft.public.windowsxp.embedded)