Securing SQL Server with IIS 6.0

From: Edwin Gibbs (etgibbs@earthlink.net)
Date: 03/27/03

Next message: Mary Chipman: "Re: Role activation"
Previous message: lindawie: "Re: SQL Permissions with Trusted Connection/Windows Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From:     Edwin Gibbs <etgibbs@earthlink.net>
Date: Thu, 27 Mar 2003 10:32:28 -0800

I am deploying a new website which has SQL Server 2K and IIS 6.0
installed on the same server. Please tell me what steps should I take
to ensure that is properly secured. The configuration is listed below.

- WIN 2K
- SQL 2K SP3
- IIS 6
- Thawte 40 bit SSL
- .Net framework

Please also recommend a software firewall and intrusion detection
software.

Thanks in advance,

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Next message: Mary Chipman: "Re: Role activation"
Previous message: lindawie: "Re: SQL Permissions with Trusted Connection/Windows Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Firewall Affecting Website Page Load Speed?
... all of the others have one or two images on the page. ... I am hosting this website at home on a machine running Windows XP Pro ... You're using IIS on Windows XP. ... You have SQL Server running on the same box. ...
(comp.security.firewalls)
Re: is IIS 5.0 safe?
... It is possible to set up IP Restriction on the website such that it will ... >impossible for IIS to even respond to non local requests while your own PC ... Run the software firewall and make sure that port 80 is not open. ... >for configuring/securing it. ...
(microsoft.public.inetserver.iis)
Re: ASP/SQL Server Setup
... > person who is going to login to the site. ... It works fine if IIS and SQL Server are on the same machine, ... >> You will have to turn off anonymous access for the website and force the ...
(microsoft.public.dotnet.framework.aspnet)
SQL2000 based website: DMZ or LAN placement
... Soon going to be updating a website. ... DMZ) and SQL2000 on the other. ... SQL2000 inside and create rules to allow the IIS box to talk to the ... SQL given that the SQL server will also be used for non-web data as ...
(comp.security.firewalls)
Re: is IIS 5.0 safe?
... IIS 5.1 comes with XP Pro and only supports one website and 10 connections. ... Run the software firewall and make sure that port 80 is not open. ...
(microsoft.public.inetserver.iis)