Step Summary


IIS is secure by default out of the box, but web servers are a combination of components (i.e., network environment, hardware, software, OS, and applications). Making sure that IIS and its running applications are secure means checking and verifying a lot of components beyond IIS. Here are the summarized steps that need to be performed to strongly harden an IIS server:

  1. Configure network/perimeter security.

  2. Ensure physical security.

  3. Install updated hardware drivers.

  4. Install the operating system.

  5. Configure the host firewall.

  6. Configure Remote Admin.

  7. Install IIS.

  8. Install patches.

  9. Harden the operating system.

  10. Configure and tighten IIS.

  11. Secure web site(s).

  12. Configure logging.

  13. Clean and test.

  14. Install and tighten applications.

  15. Conduct penetration tests.

  16. Deploy.

  17. Monitor log files.

Now we'll cover each of those steps in detail.



Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
EAN: 2147483647
Year: 2004
Pages: 122
