Appendix F -- Secure Web Server Checklist

[Previous] [Next]

Appendix F

Secure Web Server Checklist

This appendix lists some recommendations and best practices to secure a server on the Web running Microsoft Windows 2000 and Internet Information Services (IIS) 5. The settings err on the side of security over functionality, and hence it's important that you carefully review the suggestions below and use them to derive your own corporate settings.

Those of you familiar with the Internet Information Server 4 checklist will notice that this list is much shorter than that checklist. This is due to two reasons:

  • Many of the Windows 2000 systemwide settings are configurable through the provided security template; there is no need to manually configure Registry settings.
  • Some of the less-secure default settings in Microsoft Windows NT 4 and Internet Information Server 4 are disabled by default in Windows 2000 and IIS 5.

The rest of this chapter is broken into the following parts:

  • General security considerations
  • Windows 2000 security considerations
  • IIS 5 security considerations
  • SQL Server security considerations


Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net