RE: IIS Locking down IIS

2002-01-04 Thread John Spencer
Start here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/default.asp Then: Use URLscan **Be careful & read the documentation, there are ways to make it work with Frontpage -- just read the documentation!! http://www.microsoft.com/technet/treeview/default.asp?url

RE: Locking down IIS

2002-01-03 Thread Salman Siddiqui
Will Munkara-Kerr [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 7:22 PM To: [EMAIL PROTECTED] Subject: RE: Locking down IIS Although i am not going to try to sell you the benefits of apache over IIS, and if you are devoted to (or stuck with) using IIS, i would try out www.eeye.com '

RE: Locking down IIS

2001-12-29 Thread rusecure ???
Kelty'; [EMAIL PROTECTED] Subject: RE: Locking down IIS Beg pardon? No way to do that? What planet are you living on? > -Original Message- > From: Srecko Jovancevic [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 21, 2001 2:39 AM > To: James Kelty; [EMAIL PROTECTED]

RE: Locking down IIS

2001-12-29 Thread Brendon Crawford
gt; > From: Srecko Jovancevic > [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 21, 2001 2:39 AM > > To: James Kelty; [EMAIL PROTECTED] > > Subject: Re: Locking down IIS > > > > > > there is no way to do that and there are no books > to teech >

Re: Locking down IIS

2001-12-27 Thread jox
Hi A comment on the NSA guide is available on : http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=191992 grtz jox At 11:57 AM 12/21/2001 -0800, Mitch Bell wrote: >The best book I have seen is Securing Windows NT/2000 >servers for the internet from O'Reilly. Also the NSA >has some gui

RE: Locking down IIS

2001-12-27 Thread Robert Clark
Beg pardon? No way to do that? What planet are you living on? > -Original Message- > From: Srecko Jovancevic [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 21, 2001 2:39 AM > To: James Kelty; [EMAIL PROTECTED] > Subject: Re: Locking down IIS > > > there i

Re: Locking down IIS (Lets be fair!)

2001-12-27 Thread Yaakov Yehudi
AIL PROTECTED]> Sent: December 21, 2001 21:41 Subject: RE: Locking down IIS > Well, that would be a start, but Microsoft has a habit of suggesting the > "whitewash" method of security..."let's pretend there is nothing wrong"! > > I would suggest http://www.c

RE: Locking down IIS

2001-12-24 Thread Douglas Gullett
t! Happy New Year! Doug G > -Original Message- > From: David Carter [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 21, 2001 8:36 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: Locking down IIS > > > Look at the vendors site. http://www.micros

RE: Locking down IIS

2001-12-24 Thread Brian McKinney
www.nsa.gov has some great documentation on securing windows 2000 and iis5. Hope that helps, Brian -Original Message- From: James Kelty [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 9:11 AM To: [EMAIL PROTECTED] Subject: Locking down IIS Hello! I was wondering if

Re: Locking down IIS

2001-12-24 Thread Mitch Bell
The best book I have seen is Securing Windows NT/2000 servers for the internet from O'Reilly. Also the NSA has some guides for locking down systems. http://nsa1.www.conxion.com/ --- James Kelty <[EMAIL PROTECTED]> wrote: > Hello! > > I was wondering if someone could point me in the > right direct

Re: Locking down IIS

2001-12-24 Thread Greg Rolling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Check out http://www.sans.org/ and check out their "Securing Windows 2000 Step-By-Step." It is an excellent resource. The reading room at Sans.org is also full of good information. On Thu, 20 Dec 2001, James Kelty wrote: > I was wondering if som

Re: Locking down IIS

2001-12-21 Thread Srecko Jovancevic
patches - Original Message - From: "James Kelty" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 20, 2001 6:10 PM Subject: Locking down IIS > Hello! > > I was wondering if someone could point me in the right direction to books, > and

Re: Locking down IIS

2001-12-21 Thread Jeffrey Keyser
> Hello! > > I was wondering if someone could point me in the right direction to > books, and or web sites that will lay out the best way to lock down, > bastionize, a win2k/IIS 5.0 server. Thanks! > > -James "Securing WindowsNT/2000 For The Internet" by Stefan Norberg http://www.oreilly.com/ca

Re: Locking down IIS

2001-12-21 Thread David Carter
Look at the vendors site. http://www.microsoft.com/security . Microsoft has alot of White Papers on how to and best practices for securing W2K and IIS. Dave >From: "James Kelty" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: Locking down IIS >Dat

RE: Locking down IIS

2001-12-21 Thread Will Munkara-Kerr
ecember 21, 2001 4:11 AM To: [EMAIL PROTECTED] Subject: Locking down IIS Hello! I was wondering if someone could point me in the right direction to books, and or web sites that will lay out the best way to lock down, bastionize, a win2k/IIS 5.0 server. Thanks! -James "This message is i

Locking down IIS

2001-12-20 Thread James Kelty
Hello! I was wondering if someone could point me in the right direction to books, and or web sites that will lay out the best way to lock down, bastionize, a win2k/IIS 5.0 server. Thanks! -James