Re: 2000 Server Setup
From: Karl Levinson [x y], mvp (levinson_k_at_despammed.com)
Date: 04/25/03
- Next message: Karl Levinson [x y], mvp: "Re: IIS on non system drive helps security or doesnt matter."
- Previous message: Karl Levinson [x y], mvp: "Re: IUSR_ , IWAM_ , and ASPNET accounts being locked out"
- In reply to: Andrew Morgan: "2000 Server Setup"
- Next in thread: Andrew Morgan: "Re: 2000 Server Setup"
- Reply: Andrew Morgan: "Re: 2000 Server Setup"
Date: Fri, 25 Apr 2003 10:52:51 -0400
Wow, that's a lot of things to know and do, and if you don't already have
experience, you're bound to make a fatal mistake. I highly recommend
getting a trusted consultant to help or advise, though at the same time you
want to start doing lots of reading as your time permits to try to keep the
site secure going forward and to make sure the consultant didn't make any
big mistakes. [You also didn't mention what version of Windows you're
using, which is helpful.]

Having said that, here's a baseline start:

http://securityadmin.info/faq.htm#harden
http://securityadmin.info/faq.htm#firewall
http://securityadmin.info

You may really want to have an ISP host your DNS for you [they may even do
this for free with your account]. Much easier. They can help. Even
www.dyndns.org or similar, which is free.

You definitely want one or more firewalls [or a DMZ] that is configured
correctly and securely. Free ones are even listed above. I wouldn't rely
on just a personal firewall software installed on the web server if you can
avoid it.

For best security, if you can afford it, make the web server dedicated to
just IIS, no DNS or gateway routing or other services running on it. That's
true about all your vulnerable and internet-facing devices.

Last, you probably want to do a lot of reading. Used security books can be
gotten pretty cheaply from www.amazon.com, just in some cases it may make
sense to make sure you're not getting a really old edition if a newer
edition is more relevant. These books are not sufficient to tell you all
you need to know, but a starting point could be the Osborne / Foundstone
books Hacking Exposed 3rd or 4th edition, Hacking Web Apps Exposed, Web
Hacking, Incident Response 1st or 2nd edition, etc. If you insist on
building and maintaining your own firewall, Building Internet Firewalls 2nd
edition. etc. etc.

Keeping a server or network secure isn't an endpoint, it's an ongoing
process of keeping both your know-how and your systems up to date.

"Andrew Morgan" <acrosstheseaweezer@hotmail.com> wrote in message
news:052f01c30b14$fd270470$a601280a@phx.gbl...
> I have found myself with the responsibility of managing
> the company website and I can build it fairly easily, my
> problem is being faced with a clean virgin server which I'm
> unsure how to approach. I don't know how to set up DNS and
> relevant security considerations for running a website.
>
> Any help or suggestions would be greatly appreciated,
> pointers to websites I should consider essential reading
> would be most helpful as well.