Determining Which IIS Services You Need


IIS is a bulky and sophisticated suite of programs. Although they're not more difficult than they need to be, considering what they do, they're also not "entry-level" programs. They require forethought and oversight to make them useful and to manage the security risk that comes with global accessibility. Two familiar laws of nature come into play here:

As the number of components in a system increases, the number of ways it can fail grows exponentially.

Anything that can go wrong will.

Applied to IIS, these laws mean that you should not install what you don't need. This is not advice to dismiss out of hand! This is a very serious concern: About half of the security problems that were identified in Windows over the last several years were found in IIS and its accessory programs. The problem is that bugs in IIS can let random outside people examineor worse, modifyfiles on your computer. Your PC could be taken over and used to commit fraud, send spam, or distribute pornography. The less of IIS you activate, the less of a chance some not-yet-identified security flaw will catch you by surprise.

Enough lecturing, now: What do you need?

World Wide Web

The World Wide Web service delivers static and dynamic Web pages and also offers file and document pickup (via Web pages or directory listings), database interactivity, and just about any other sort of information sharing. This is the core of IIS. If you can't or don't want to use a commercial or other hosting service for your pages, or if you want to host Web pages, develop Web applications, or share folders using the Web model, you should install the WWW service.

FrontPage 2000 Extensions

You should install the FrontPage 2000 Extensions if you want to do any of the following:

  • Use FrontPage (any version) or Microsoft Office to develop Web pages

  • Use your WWW service to use FrontPage's searching or form-handling extensions

  • Copy files to and from your computer via the Internet, using Internet Explorer and Web Sharing

The Extensions provide a way for Web-enabled applications to publish, or deliver, the composed HTML file and graphics to the Web server's online folders. Thus, the author doesn't have to manually drag files into the WWW folders or use the evil FTP service to copy them there. FrontPage Extensions also provide HTML Form processing services, in the form of some special CGI (Common Gateway Interface, or Web server extension) programs that can record or email form responses, as well as index or searching services that let Web site viewers search your Web site for keywords or phrases. They also include as standard equipment a CGI-based Web page system to manage your printers.

NOTE

If you want to learn more information about using the FrontPage Extensions, I recommend that you pick up a copy of Special Edition Using Microsoft FrontPage 2003, published by Que.


TIP

If you use Microsoft Office 2000 or XP for collaborative projects, you might want to use the Office Server Extensions in addition to or instead of the FrontPage Extensions. The Office Server Extensions provide all the functions of the FrontPage Extensions, with additional services for Office users. You can get them with the Microsoft Office XP Pro SE or Developer editions. For more information visit support.microsoft.com and search the knowledge base for "Q235027".


FTP

FTP allows remote users to retrieve or deliver files to your computer. FTP, which is one of the original Internet applications, is available on virtually every Internet-connected system, from mainframe to Macintosh to PC, so it's really handy for file transfers between Windows and non-Windows computers. But the decision to install FTP should not be made lightly because FTP can create some severe security risks.

FTP permits two types of access: anonymous and authenticated. Anonymous access doesn't require a password and should be used to share folders for file-pickup only; you must never allow users from the Internet at large to write files to your computer (lest you find one day that someone has made your computer one of the Internet's prime repositories and distributors of pornography).

You can allow remote users to deliver files to your computer using authenticated access, but FTP doesn't encrypt passwords sent over the Internet, so this method is a security risk. The login name and password used are exposed while they are in transit over the Internet.

In most cases, if you only want to distribute files to the general public, you don't need to install FTP. The World Wide Web service can do the job nicely. The only two reasons to install FTP are as follows:

  • You need to let remote users pick up files from your computer, and their computers might not have Web browser software.

  • You need to let remote users deliver files to your computer, and their computers aren't running Windows.

If you decide to install FTP, you must understand the security consequences and take great care configuring the service and the folders it makes public. We'll discuss the risks and configuration issues in excruciating detail later. You might want to read that discussion before you make your decision.

SMTP Mail

The SMTP Mail service provided with IIS can be used to send email from Web pages, ASP scripts, and FrontPage or Office Server Extensions. However, this is not a good reason to install it. You can configure mail-sending scripts and the Server Extensions to use your company's or ISP's outbound SMTP mail server. The SMTP service doesn't provide you with mailboxes or any of the other user-side services that an email system needs. If you want to host your own email system, you need to purchase a commercial email server such as Microsoft Exchange Server or download a free or shareware mail server system.

The only reason to install the SMTP Mail component is if you want to develop and test applications using the Microsoft Message Queueing (MSMQ) Service.

Other Components

With the exception of the Visual InterDev RAD Remote Deployment service, the other components of IIS, such as online documentation and the Management Snap-In, are all handy to have. As Martha Stewart would say, "They are good things." I recommend installing them, and we'll go over their use later.

The RAD Remote Deployment service is a testing tool that's only useful if you are a Visual InterDev developer. Everyone else should skip installing it.

There is also an option for installing a Scripts directory. If you currently use or develop CGI programs or scripts, install the Scripts directory. Otherwise, follow the "if you don't need it, don't install it" rule and leave it out for now. You can always install it later on if you decide you want to develop script programs.



Special Edition Using Microsoft Windows XP Professional
Special Edition Using Microsoft Windows XP Professional (3rd Edition)
ISBN: 0789732807
EAN: 2147483647
Year: 2003
Pages: 450

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net