Before you connect your LBS delivery system to the public Internet, you should take the following steps to ensure the safety of your network.
- Apply the latest service pack to Windows 2000.
- Apply all known critical updates from http://www.microsoft.com/windowsupdate.
- Apply all known hotfixes from http://www.microsoft.com/security.
- Apply the IIS lockdown tools.
- Make sure you have not published the entire web site or the IP address on the ISA server. Instead, always use a destination to publish the site.
- Enable packet filtering on the ISA server with intrusion detection. Enabling this detection will ensure that no one will make an unsolicited TCP connection to your ISA server.
- Change the names of your administrators.
- Remove any sample and administration sites.
- In the IIS/Application mappings, remove everything but .wsdl.
- In /Network Connections/Advanced settings, disable the bindings for "file and printer sharing for Microsoft Networks" and "Client for Microsoft Networks" in the NIC connected to the public network.