| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Maintaining Credible IIS Log Files I once investigated a serious intrusion as part of a criminal investigation. An intruder broke into an IIS server, uploaded some tools, and then accessed the company's internal database. We knew approximately when the intrusion occurred, but we did not know which of several hundred Web sites on a dozen servers was compromised.
By Mark Burnett, 07/15/2004
|
|
How to detect hackers on your web server A discussion of the methods used by hackers to attack IIS web servers, and how you can use event log monitoring on your web server to be alerted to successful attacks immediately.
By GFI Software, 06/23/2004
|
|
Securing IIS on Windows 2000 There are more vulnerabilities and attacks for web servers than any other type. With the convenience of the Internet and the growing pressure to “have a web presence”, people and businesses are installing web servers right and left. Windows 2000 and Internet Information Server (IIS) are making this incredibly easy, but what about the risks?
By Carl Denowh, 05/17/2004
|
|
Basic IIS 5.0 Default Web Server Security Securing Internet Information Server 5.0 servers across a large corporation can be a complicated task when faced with many different scenarios and user setups. Whenever possible, it is best to set up a secure web site from scratch as it will be less complicated than trying to secure one that is already in use. Unfortunately, securing sites already in use is the challenge most administrators face.
By Terri Carroll, 05/11/2004
|
|
Securing Microsoft's Internet Information Server 5.0 This paper will provide IIS administrators with the steps to secure their web server installations. Please note that although this paper deals with Windows 2000 and IIS 5 some of the following guidelines can be applied to older versions of those products.
By Ben White, 05/11/2004
|
|
Understanding IIS Vulnerabilities - Fix Them! The explosive growth of the Internet has had some unexpected consequences. One of the major consequences is a realization that the Internet paradigm and particularly the World Wide Web (WWW) paradigm provide a methodology of providing improved access to data. This paradigm works not only on the Internet but also for intranets. Now it describes the employment of Internet technology for enterprise-wide networks and the use of World Wide Web servers and browsers to collect and deliver data to enterprise functions next door and around the world. Intranets are being integrated with the Internet in many cases.
By Nor Azuwa Pahri, 05/11/2004
|
|
Securing a Windows 2000 IIS Web Server - Lessons Learned As more and more businesses go online, the demand for easy to implement, inexpensive web solutions substantially increases. The increased popularity of Microsoft solutions in the web server market can be attributed in part to this. There are many reasons why an organization would want to go with a Microsoft web server, as opposed to a Unix based Apache solution for example.
By Harpal Parmar, 05/11/2004
|
|
Using Microsoft's IISlockdown Tool to Protect Your IIS Web Server The topic of this paper is to give informational instructions on the IISlockdown tool. The paper will include information from the Great Lakes Sans conference, common exploits for IIS servers, best practices for installing the IISlockdown tool and information on tools used to test the server following the installation. The test system is a default installation of Windows 2000 Server current with all service packs and hotfixes.
By Jeff Wichman, 05/11/2004
|
|
Securing IIS within an Outook Web Access 2000 environment One method of accessing e-mail externally of the network is using Outlook Web Access (OWA). The purpose of this document is to show you how to harden the security on the Internet Information Service 5.0 (IIS 5.0) on a Windows 2000 server where OWA is running. Once this step has been completed, a detailed procedure on the installation and configuration of the SecureIIS software on the OWA server will be given.
By Dave Munger, 05/11/2004
|
|
Security Elements of IIS 6.0 Microsoft’s latest release of its web server product (IIS 6.0) has been dramatically improved upon over earlier versions. It was completely rearchitected and developed on the Windows Server 2003 platform. IIS 6.0 runs on the new Windows Server 2003 platform exclusively and has a Web Edition optimized for serving web content and applications. Improvements made in the product were designed for increased performance, reliability, scalability, and security. This discussion will focus on the security elements of IIS 6.0 as well as the security improvements made to those elements in this release.
By Anthony DeVoto, 05/11/2004
|
|
Page: 1 23 |
