Re: IIS with DOTNET 1.1
From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 09/26/03
- Next message: joel: "Large iis log files in w3svc1 directory"
- Previous message: Ken Schaefer: "Re: Anti-virus software on Win2K Web server"
- In reply to: Dimitrie: "IIS with DOTNET 1.1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Sep 2003 11:25:13 +1000
I think you're pretty much good-to-go.
However, to get into the nitty-gritty of how ASP.Net security works, MS has
some pretty good guides out there, including this one:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp?frame=true
Building Secure ASP.NET Applications: Authentication, Authorization, and
Secure Communication
which you can download as a PDF, or read online, or buy as a book. It covers
how ASP.Net actually works, security wise.
Cheers
Ken
"Dimitrie" <dimitrie.agafitei@verizon.net> wrote in message
news:BB98817B.4AA%dimitrie.agafitei@verizon.net...
: I would like to install the DOTNET 1.1 FRMWRK on a production machine
(IIS5
: Win2k). It runs ASP and it's locked down with the IIS 2.1 LockDown Tool
and
: a bunch of few other tweaks. The intent is to start porting old ASP
scripts
: to ASPX. No web services intended.
:
: By simply installing the framework and not running any ASPX scripts is the
: machine still secure? Do I have to take any further steps to lock down the
: server?
:
:
: Can anyone point me to a Securing IIS5 and .NET guide or whitepapers?
: Or if you can briefly advise me on the steps it would be great.
:
:
: Thanks,
: Dimitrie
:
:
- Next message: joel: "Large iis log files in w3svc1 directory"
- Previous message: Ken Schaefer: "Re: Anti-virus software on Win2K Web server"
- In reply to: Dimitrie: "IIS with DOTNET 1.1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
