Re: IIS with DOTNET 1.1
From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: Fri, 26 Sep 2003 11:25:13 +1000
I think you're pretty much good-to-go.
However, to get into the nitty-gritty of how ASP.Net security works, MS has
some pretty good guides out there, including this one:
Building Secure ASP.NET Applications: Authentication, Authorization, and
which you can download as a PDF, or read online, or buy as a book. It covers
how ASP.Net actually works, security wise.
"Dimitrie" <firstname.lastname@example.org> wrote in message
: I would like to install the DOTNET 1.1 FRMWRK on a production machine
: Win2k). It runs ASP and it's locked down with the IIS 2.1 LockDown Tool
: a bunch of few other tweaks. The intent is to start porting old ASP
: to ASPX. No web services intended.
: By simply installing the framework and not running any ASPX scripts is the
: machine still secure? Do I have to take any further steps to lock down the
: Can anyone point me to a Securing IIS5 and .NET guide or whitepapers?
: Or if you can briefly advise me on the steps it would be great.