[dba-Tech] Securing IIS

Erwin Craps Erwin.Craps at ithelps.be
Thu Nov 27 04:01:07 CST 2003


Between 50 and 400 attempts is pretty normal... (in my experiance)
>>> That's per hour.... 

-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Erwin Craps
Sent: Thursday, November 27, 2003 10:43 AM
To: Discussion of Hardware and Software issues
Subject: RE: [dba-Tech] Securing IIS

Microsoft hase a Lockdown tool and URL scan.
Don't have the link but you should find it quit easy on the IIS website
of MS.

Also use the MSBA Security Base Analyzer or something.
This will scan  your system for missing fixes other then windows update.
You should find this pretty easy on technet.

And then you would need some luck too...
It's pretty wild out there :-)

Between 50 and 400 attempts is pretty normal... (in my experiance)

One good advice
NEVER PUT AN WEBSERVER ONLINE BEFORE IT'S FULLY PATCHED AND SECURED AND
PREFERABLY BEHIND A FIREWALL.
If you do so, your server is hacked, infected or trojaned within 5
minutes.


Erwin


-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of John W.
Colby
Sent: Thursday, November 27, 2003 10:23 AM
To: DBA - Tech
Subject: [dba-Tech] Securing IIS

Can anyone point me to a good primer on securing IIS, preferably on
line?  I am trying to get an IIS server going on my in-house server to
demo web sites to clients and just don't my system exposed to hackers.

John W. Colby
www.ColbyConsulting.com


_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com


More information about the dba-Tech mailing list