How to enhance WEB server, IIS 5 security

How to enhance WEB server, IIS 5 security
Web services in any network are the most vulnerable to attack. Maybe you are using the most popular Web server, Microsoft's Internet Information Server (IIS). Despite the recent release of IIS 6.0 enhances security, but it is not a panacea. Therefore, I need to know how to enhance WEB server, IIS 5 security. I will be waiting for the related replies.
Reply With Quote
#2
Old 16-02-2010
deveritt's Avatar
deveritt deveritt is offline
Member

Join Date: Apr 2008
Posts: 2,528
Re: How to enhance WEB server, IIS 5 security
Using IIS only the components relevant to the needs and related to business. One of IIS 6.0 changes, IIS is only used by default static Web services indispensable. Pay attention to maintaining this configuration, only the services you really need to open.
Reply With Quote
#3
Old 16-02-2010
Techguru01's Avatar
Techguru01 Techguru01 is offline
Member

Join Date: Oct 2005
Posts: 2,116
Re: How to enhance WEB server, IIS 5 security
Assigned to the IUSR_systemname severely restricted access to the account. Running many applications on the server calls IUSR (Internet users) account, on behalf of unauthorized network users to interact with the system. This actually limits the account to the server, the operation of the necessary permissions.
__________________
I'm the Proud Owner of the most dangerous weapon
known to man kind: Human Brain
Reply With Quote
#4
Old 16-02-2010
johnson22's Avatar
johnson22 johnson22 is offline
Member

Join Date: May 2008
Posts: 2,110
Real-time updates using the automatic update security patch
Real-time updates using the automatic update security patch. While the new version of the previous versions in terms of security there is a significant improvement, if history repeats itself (Microsoft often seems the case), the release of version 6.0 will soon because of security reasons there is one or more patches. To enable automatic updates to ensure you receive the patch as soon as possible.
Reply With Quote
#5
Old 16-02-2010
Jackson2's Avatar
Jackson2 Jackson2 is offline
Member

Join Date: Apr 2008
Posts: 2,265
Using the Rapid-Fail Protection
The new version of the most notable feature is that you can enable the Rapid-Fail Protection (Rapid-Fail Protection) function. This will make your server from the impact of security incidents and performance, usually in a very short period of time caused by failure of the process too many times, such as failures or malicious attacks. When this happens, the network management services to close the application pool, to prevent further failures occur, so that the application is not available until the administrator after treatment.
Reply With Quote
#6
Old 16-02-2010
Techno01's Avatar
Techno01 Techno01 is offline
Member

Join Date: Apr 2008
Posts: 2,268
Re: How to enhance WEB server, IIS 5 security
Strict limits for remote management. In any management server can be a great place, but you have to ensure that only authorized users can be the case. You should require all remote administrators to use a static IP address to log in and log on to limit the security of pre-specified IP addresses. You should use strong authentication.
Reply With Quote

If you like this post then consider sharing it with others.