Re: IIS with DOTNET 1.1

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 09/26/03


Date: Fri, 26 Sep 2003 11:25:13 +1000


I think you're pretty much good-to-go.

However, to get into the nitty-gritty of how ASP.Net security works, MS has
some pretty good guides out there, including this one:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp?frame=true
Building Secure ASP.NET Applications: Authentication, Authorization, and
Secure Communication

which you can download as a PDF, or read online, or buy as a book. It covers
how ASP.Net actually works, security wise.

Cheers
Ken

"Dimitrie" <dimitrie.agafitei@verizon.net> wrote in message
news:BB98817B.4AA%dimitrie.agafitei@verizon.net...
: I would like to install the DOTNET 1.1 FRMWRK on a production machine
(IIS5
: Win2k). It runs ASP and it's locked down with the IIS 2.1 LockDown Tool
and
: a bunch of few other tweaks. The intent is to start porting old ASP
scripts
: to ASPX. No web services intended.
:
: By simply installing the framework and not running any ASPX scripts is the
: machine still secure? Do I have to take any further steps to lock down the
: server?
:
:
: Can anyone point me to a Securing IIS5 and .NET guide or whitepapers?
: Or if you can briefly advise me on the steps it would be great.
:
:
: Thanks,
: Dimitrie
:
:



Relevant Pages

  • Re: IIS with DOTNET 1.1
    ... However, to get into the nitty-gritty of how ASP.Net security works, MS has ... some pretty good guides out there, ... Secure Communication ... By simply installing the framework and not running any ASPX scripts is the ...
    (microsoft.public.inetserver.iis.security)
  • Re: Ten least secure programs
    ... it's probably better you leave the topic alone ... I said I do not have security issues with the programs I code. ... I didn't realize you were a Linux user, ... > the most widely used and secure UNIX flavors? ...
    (Security-Basics)
  • "An Asp.Net accident waiting to happen" - Draft article
    ... In a time where Security ... in shared hosting environments. ... technologies that allow the creation and deployment of secure ... IIS 6 web server and windows 2003 also provide some tools to deploy ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Why Easy To Use Software Is Putting You At Risk
    ... I do agree that the additions and changes to Solarius will make it more secure and that this is good. ... Why Easy To Use Software Is Putting You At Risk ... instead I would say that the view that security is ... Four Construction Workers Died after Crane Collapse in Toledo, ...
    (Security-Basics)
  • Re: Screensaver takes too much time to fade-out...
    ... If you are serious about making your machine secure, ... learn a thing or two about security. ... These logs are mailed to the root user at 3am. ... Setup dovecot and use a local email client to fetch it. ...
    (Fedora)