Browse by Tags

All Tags » IIS (RSS)
Friday, February 17, 2006 7:26 PM

Clustering IIS and SQL on the Same Boxes

NO!!!! That pretty much summarizes my feelings on this topic. I have seen this proposed as a configuration before many times. The web guys say they need HA SQL for their web site data and then they figure that since they are getting a cluster that they...
Posted by cluster
Filed under: ,
Friday, August 05, 2005 12:59 PM

Hardening IP for IIS Servers - Original Posted Apr 5, 2005

Aahh, the joys of meeting SOX requirements… Tonight, I am having fun whipping together a script to apply to servers to meet SOX audit recommendations. This particular task is to harden IP on all IIS 6.0 server per KB 324270. I had been tasked with applying...
Posted by cluster
Filed under:
Friday, August 05, 2005 12:56 PM

IIS 6.0 Security - System Files, Management, Samples, and Help Files - Original Posted Mar 14, 2005

Yes, these are still a problem. In IIS 5.0, many organizations would perform an installation of IIS 5.0 and totally miss some pretty ugly potential vulnerabilities. The biggest of these include: Samples Help Files IIS Admin (HTML) Some common sense should...
Posted by cluster
Filed under:
Friday, August 05, 2005 12:55 PM

IIS Required Services - Original Posted Mar 14, 2005

I am still working on the final bits of my IIS 6.0 Security presentation for TechMentor in April. One of the pieces that seems to have a great deal of conflicting information is what services are required by IIS 6. So, here goes: Required Services include...
Posted by cluster
Filed under:
Friday, August 05, 2005 12:38 PM

IIS 6.0 Security - Original Posted Jan 28, 2005

Wow, there is a great deal of confusion on this subject. I asked a few people what they thought this topic is in their minds. I heard several differing views regarding what it means to secure IIS 6.0. So, what is it? Is it securing the server? Is it securing...
Posted by cluster
Filed under: