Simplifying and Automating Security


This chapter has shown you how to manually configure security settings for an ASP.NET Web server. The manual process helps you to understand the configuration but can be time consuming Use the following resources to help automate the steps presented in this chapter:

  • For information on how to automate IISLockdown, see Microsoft Knowledge Base article 310725 "How To: Run the IIS Lockdown Wizard Unattended in IIS."

  • You can create and deploy security policies using security templates. For more information, see the following Microsoft Knowledge Base articles:

    • 313434, "How To: Define Security Templates in the Security Templates Snap-in in Windows 2000."

    • 309689, "How To: Apply Predefined Security Templates in Windows 2000."

    • 321679, "How To: Manage Security Templates in Windows 2000 Server."

  • For detailed guidance about customizing and automating security templates, see the Microsoft patterns & practices, Microsoft Solution for Securing Windows 2000 Server , at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/windows/secwin2k/default.asp .

    The Microsoft Solution for Securing Windows 2000 Server addresses the most common server roles, including domain controllers, DNS servers, DHCP servers, IIS Web servers, and File and Print servers. The approach used in this guide allows you to take a default Windows 2000 installation and then create a secure server, the precise configuration of which varies depending upon its role. Administrators can then consciously weaken security to satisfy the needs of their particular environment. The guide provides a foundation of baseline security recommendations that covers services, accounts, group policies, and so on, that you can use as a starting point for the common types of server roles.




Improving Web Application Security. Threats and Countermeasures
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net