Just make sure you get the latest FP Ext. 2003 off of
http://office.microsoft.com/frontpage or wherever it is. If you need it I
can e-mail you our file, not sure if it is the latest anymore. I think there
is another file with it that patchs some holes.
----- Original Message -----
From: "Ross Nelson" <ross@xxxxxxxxxxxxxx>
To: <computertalkshop@xxxxxxxxxxxxx>
Sent: Thursday, December 01, 2005 12:11 AM
Subject: [CTS] Re: IIS 5 on LAN
On Nov 30, 2005, at 1:34 PM, Hal wrote:
I have installed a copy of Win 2K server on a computer for my use only. I want to work with .net applications and I have installed the SDK on this server as well. It is only for serving pages to me. Although I have worked with other services of Win 2k server (file, application, print, etc) I don't know a lot about IIS. I don't want to serve pages to the outside. And yes, I have it working fine.
Naturally, I have a firewall between me and the Internet. There is no port forwarding configured in the router (using a SonicWall).
Q: Is there any way - other than some obscure hacking technique - that anyone could get to my system from the Internet?
Aside from the obvious (trojans), they would need to connect to the system through either something that's forwarded to it already (for instance, exploit some vulnerability in the file sharing...just made that up as an example, haven't been following Windows vulns for a while) or hop through another system to get to it. The latter is too much work for most people to go through and requires that they break into that system first.
Q: Is there anything else I should do to secure this server? From the outside, of course.
http://www.sun.com/software/solaris/get.jsp http://www.freebsd.org/where.html
But seriously, not that I'm by any means an expert on security, and I haven't played much with IIS, but given what you're doing with it, I'd say you're good. I have it running on my 2003 Server system for Exchange and that's all I do. Obviously, if you're going to start doing this for other people or decide to host sites for yourself/ others on the box, read a book or thirty on security, IIS, securing IIS, and so forth. But, from my worthless little viewpoint, that's good enough.
I don't see how there could be a problem, but...
Hindsight is 20/20. :-) ** YOUR HELP IS URGENTLY NEEDED ** DONATE to Hurricane Katrina victims: http://www.redcross.org/ DONATE Housing (Spare room, shelter) http://www.hurricanehousing.org/
--------------------------------------------------------------------------- Computer Talk Shop http://www.computertalkshop.com Un-subscribe/Vacation, http://www.computertalkshop.com/list_options.htm
List HowTo: http://www.computertalkshop.com/faq.htm
To join Computer Talk Shop's off topic list, please goto: http://computertalkshop.com/other_cts_lists.htm ---------------------------------------------------------------------------
** YOUR HELP IS URGENTLY NEEDED ** DONATE to Hurricane Katrina victims: http://www.redcross.org/ DONATE Housing (Spare room, shelter) http://www.hurricanehousing.org/
--------------------------------------------------------------------------- Computer Talk Shop http://www.computertalkshop.com Un-subscribe/Vacation, http://www.computertalkshop.com/list_options.htm
List HowTo: http://www.computertalkshop.com/faq.htm
To join Computer Talk Shop's off topic list, please goto: http://computertalkshop.com/other_cts_lists.htm ---------------------------------------------------------------------------
