Re: Security

From: x y (jamescagney90210@excite.com)
Date: 07/10/02

• Next message: x y: "Re: Renaming a computer on a Domain"
• Previous message: x y: "Re: Difference b/t pinging & port scanning"
• In reply to: Boris Torres: "Security"
• Next in thread: michael: "Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "x y" <jamescagney90210@excite.com>
Date: Wed, 10 Jul 2002 15:19:42 -0400

Running IIS web server on the domain controller used for your internal
network is usually not recommended unless you have a good reason. If you
don't care about being hacked or being held liable for your machine being
used to hack someone else, and money is tight, I guess you could do it.
[You probably also want to avoid posting your real URL as well.]

Hopefully you've already checked out the checklist on how to secure windows
2000 and IIS at http://www.microsoft.com/security including IISlockdown,
URLscan, antivirus, firewalls, etc.

For questions on authentication, check out www.iisfaq.com You'll probably
want to make [using makecert from microsoft] or buy [e.g. from Entrust.net,
$120/year] a certificate to encrypt the passwords over basic authentication,
or set up VPN if these are coworkers or people you know.

There's a lot of other security stuff involved here, it may make sense to
get some onsite help from a consultant who knows security.

"Boris Torres" <boristorres@yahoo.com> wrote in message
news:16bfd01c22817$e1bec550$9ae62ecf@tkmsftngxa02...
> My Domain Controller is Windows NT server.
> I have windows 2000 server running IIS 5.
>
> It hosts a webpage named www.groupworld.org
>
> It contains a subdirectory named scripts.
>
> D:\groupworld
> D:\groupworld\scripts
> D:\groupworld\scripts\as_web4.exe
>
> But I need improve security to use that file..
>
> I mean, I would like enter user and password to access it.
>
> http://www.groupworld.org/scripts/as_web4.exe?
> Command=SD&File=internet
>
> Please, help me
>
> Thanks,
>
>
> Boris

---

• Next message: x y: "Re: Renaming a computer on a Domain"
• Previous message: x y: "Re: Difference b/t pinging & port scanning"
• In reply to: Boris Torres: "Security"
• Next in thread: michael: "Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: SBS 2003 and TS-App Mode ... It's not secure... ... functionality over security and now you want functionality back. ... open and easy to use...they want TS on a domain controller back. ... Do not enable application server mode on a domain controllers. ... (microsoft.public.windows.server.sbs) Re: Microsoft Security & Configuration Tool (MSCT) ... > install into the server become problem. ... How to undo the security configuration that I had already applied ... basicsv.inf is the Domain Controller Security Policy, ... (microsoft.public.security) Re: SBS2003 and Terminal Services.... ... SA loads so low in the TCP stack to not be an issue and protects the box ... Apply the Notssid.inf security template to TS running permissions ... Do not enable application server mode on a domain controllers. ... On Locally user right at the domain controller. ... (microsoft.public.windows.server.sbs) Re: Security - Compromised! ... policy, no auditing/intrusion detection, etc. So I would say top things are ... to have properly configured firewall (test with external security scanner) ... Changes could have been made at domain or domain controller ... clean it would be time to run dcpromo on your new server. ... (microsoft.public.win2000.security) Re: Unable to logon(Critical) ... chris made a post then I commented ... > Domain controller security policy also I configured as same ... Event log errors as well, on the client and on the server, and post the ID ... (microsoft.public.win2000.active_directory)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)