Re: How Should IIS permissions be set to prevent hacking?
From: Jeff Cochran (jeff.nospam_at_zina.com)
Date: Sun, 04 Jul 2004 03:07:56 GMT
On Sat, 3 Jul 2004 19:37:01 -0700, "StarView"
>I friend today demonstrated how he was able to modify my default page. He suggested coming here. What/where/how do I need to configure the permissions in my IIS (in WinXP Pro) such that I can update my pages (using FP), and allow Internet users to read the pages, yet prevent anyone from changing them or adding malicous code?
First, tell us what your friend did to change the page. Beyond that,
firewalls, NTFS permissons, FP permissions and roles, stong passwords
and so on are the route you need to take.