WEB SECURITY ADVISOR
How to safely install IIS
Ross Tsolakidis
03.15.2002
Rating: -3.46- (out of 5)
This tip was submitted to the SearchSecurity.com Tip Exchange Contest by user Ross Tsolakidis. Let other users know how useful it is and help Ross win a prize by rating the tip below.
I've seen a lot of people install a Windows 2000 server while the machine is connected to the network (live IP address). What they are unaware of is as soon as the install is completed and the Web server reboots, they are vulnerable to all the exploits that IIS has "out of the box," and that is a LOT.
I've seen Web servers attacked within seconds of going live, i.e., Code Red Worm.
You'd be surprised how many people do this!
Here's the way I install a server:
I make sure the server is unplugged from the network while installing the OS.
Once the OS install has been completed and the machine reboots, I stop IIS completely via the IIS console.
Now I plug it into the network.
Next, I update all the patches and Service Packs.
I reboot the server, start IIS again and I'm done.
If you do what I do, you won't have a vulnerable Web server live on the Internet while you are patching it.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchSecurity.com.
Register now
to start rating these tips. Log in if you are already a member.
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
