Library Technology Guides

Document Repository

Securing IIS on Windows 2000

[March 6, 2001]

.

Copyright (c) 2001 SANS Institute

Abstract: Securing IIS on Windows 2000Carl DenowhMarch 6, 2001IntroductionThere are more vulnerabilities and attacks for web servers than any other type. With the convenience of the Internet and the growing pressure to "have a web presence", people and businesses are installing web servers right and left. Windows 2000 and Internet Information Server (IIS) are making this incredibly easy, but what about the risks? By its very design, a web server is intended to make information accessible, not protect it. A software company will always install their product with most of the features turned on, to reduce help calls, and to show the product in its best light. That means that IIS installs in an insecure format, but that does not mean that the platform is any less secure or desirable than any other.1 With this understanding, we can now proceed with the task of making it secure.


Permalink:
View Citation
Publication Year:2001
Type of Material:Article
Language English
Issue:March 6, 2001
Publisher:SANS Institute
Subject: Network security
Microsoft Windows 2000
Online access:http://www.sans.org/infosecFAQ/win2000/sec_IIS.htm
Record Number:9435
Last Update:2012-12-29 14:06:47
Date Created:0000-00-00 00:00:00