>Can you throw us bone, and point us to some information on how to
strip
down a CF, IIS Server?
With Win2k and NT4.0 the steps are mostly the same. I will use Win2k
as an
example.
For the hole server:
-In the IIS admin console get properties for the server.
-In Master Properties "box" select Master Properties for "WWW
Service",
click edit.
-Find the home directory tab, click on it
-Find the Configuration button, click on it.
-Under application mappings I remove all but .cfm. Note: only remove
the
ones you are not using. If you are using the Indexing service apply
all of
the indexing services patches.
Note: When you install services packs or if you add a component to
windows
with the windows setup program these mapping will most likely sneak
back in.
So, get in the habit of checking these mapping each time you install
software in the box.
Hope this helps
Mark W. Breneman
-Cold Fusion Developer
-Network Administrator
Vivid Media
[EMAIL PROTECTED]
www.vividmedia.com
608.270.9770
-----Original Message-----
From: Surma [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 19, 2001 8:31 AM
To: CF-Talk
Subject: Re: CF trojen? BackdoorJY.sv
>Rather than relying on Microsoft
> patches, you'll get better mileage out of properly configuring your
servers
> up front. Here's a little secret of mine. I don't bother installing
most
of
> the IIS patches when they come out. I don't have to, because they
patch
> things that I've already disabled or removed. I can wait until
everyone
else
> has regression-tested the patch on their production web servers.
Can you throw us bone, and point us to some information on how to
strip down
a CF, IIS Server?
Lee Surma
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
