Re: security in IIS use
From: PL (pblse_at_yahoo.se)
Date: Sun, 11 May 2003 21:45:28 +0200
XP Pro is not a server system and if you are using it for development
you shouldn't have it exposed to the internet anyway so there's not
much to worry about if you have a personal firewall or xp's firewall
There's a lot of bull going on about IIS security, all webservers have
had bugs in them but from XP and up there has not been any really
Of course ANY system (including open source bs) should be patched
up to the latest versions and locked down as much as possible.
For XP Pro, install all patches from Windows update and make
sure you have a firewall.
If you are really going to expose IIS in XP Pro on the internet
(even though it's not a server and has a ten connection limit) you
should also run IIS Lockdown to remove unnecessary services.
If you are setting up a W2k Server it's a lot more, of course the first
thing is to install SP3 and then the IIS patches released after SP3,
download these and do not have the system on the internet before it's
patched, finally install IIS Lockdown and then palce the server behind
"Nathan" <email@example.com> skrev i meddelandet news:firstname.lastname@example.org...
> I have just become interested in branching into e-
> commerce. I upgraded to XP pro and plan to install IIS. A
> friend and fellow web designer told me to be concerned
> with the security of my machine when IIS is installed.
> Please explain. What security measures should I take?