IIS insecurity - Contractor UK Bulletin Board

Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Guest replied

12 November 2002, 13:45
maybe you chuck a personal firewall on and lock down who can connect to it?
Leave a comment:
Guest replied

11 November 2002, 17:31
Re: make sure

Also, urlscan is quite useful.

It blocks 'funny' urls, i.e. ones that try fancy unicode in the url or access to system directories. Combined with lockdown and latest patches, makes IIS 1000x more secure.
Leave a comment:
Guest replied

9 November 2002, 11:18
make sure

you run iislockdown...
Leave a comment:
Guest started a topic IIS insecurity

8 November 2002, 22:48
IIS insecurity

I need to install IIS locally to do some testing. Machine is win2k + running norton personal firewall. After installing iis what will I need to do to ensure that it is secure ? (other than downloading latest patches / updates)
Tags: None

Working...

X