+612 9045 4394
CYA Securing IIS 6.0 - Chris Peiris

Paperback Published: 1st May 2004
ISBN: 9781931836258
Number Of Pages: 352

Share This Book:


or 4 easy payments of $26.81 with Learn more
Ships in 7 to 10 business days

Coverage includes: Script Source Access, Information Disclosure, Denial of Service, Buffer Overflows, Directory Traversal, Cross-Site Scripting, Preparing the Operating System, Partitioning Hard Drives, Installing th e OS, Preparing the File System, Installing IIS, Installing Hotfixes, Lo cking Down COM and Database Access, Securing Web Services, Running the I IS Lockdown Wizard, Securing IIS Global Settings, Securing the Default a nd Administration Web Sites, Disabling Internet Printing, Disabling or S ecuring the FrontPage Server Extensions, Configuring URLScan, Securing W eb Sites, Building a Directory Structure, Setting Master WWW Properties, Securing by Content Type, Authenticating Users, Using Anonymous Authent ication, Using Basic Authentication, Using Digest Authentication, Using Integrated Windows Authentication, Using Client Certificate Mapping, Pub lishing Web Content, Staging and Review, Setting File Attributes, Buildi ng File Checksums, Moving Content versus Updating Content, Summary, Solu tions Fast Track, Frequently Asked Questions

About the Bookp. xvii
Introducing IIS 6.0p. 1
In this Chapterp. 1
IIS 6.0 Enhancementsp. 2
Increased Reliability and Availabilityp. 2
Manageability Improvementsp. 3
Scalability and Performance Improvementsp. 5
Increased Securityp. 7
Understanding IIS 6.0 Architecturep. 10
Services Provided by IIS 6.0p. 10
HTTP.SYS Kernel Mode Driverp. 12
Inetinfo.exe Process and the IISAdmin Servicep. 12
The World Wide Web (WWW) Publishing Servicep. 14
Application Processing Modesp. 14
IIS 6.0 Worker Process Isolation Modep. 14
IIS 5.0 Isolation Modep. 17
Your A** is Covered if Youp. 19
Hardening Windows Server 2003p. 21
In this Chapterp. 21
Get Secure and Stay Securep. 22
Networking Environmentp. 23
Patches and Updatesp. 25
Windows Servicesp. 28
User Accounts and Groupsp. 29
File Systemp. 30
Auditing and Loggingp. 32
Staying Securep. 34
Secure IIS Checklistp. 35
A Final Word on Securityp. 37
Knowing the Enemy and What They Wantp. 38
Your A** is Covered if You...p. 38
Installing Internet Information Services (IIS) 6.0p. 39
In this Chapterp. 39
Installing IIS 6.0 Using the Configure Your Server Wizardp. 40
Installing or Modifying IIS 6.0 Using the Add/Remove Programs Control Panelp. 44
Installing IIS 6.0 Using Automated Installation (Unattended Setup)p. 49
Installing IIS 6.0 During the Windows 2003 Server Setupp. 50
Installing IIS 6.0 After the Windows 2003 Server Setupp. 54
Upgrading IIS 5.0 to IIS 6.0p. 55
Post-Installation Informationp. 56
After Installation: Locating the Administrative Toolsp. 59
IIS Managerp. 60
Application Server MMCp. 61
The Remote Administration Websitep. 62
Sharepoint Administration Websitep. 62
Your A** is Covered if You...p. 64
Configuring Basic Web Server Securityp. 65
In this Chapterp. 65
Enabling and Disabling Web Service Extensionsp. 66
Configuring Multipurpose Internet Mail Exchange Typesp. 70
Configuring IP Address Restrictionsp. 75
Setting Website Permissionsp. 81
Securing Web Resourcesp. 87
Enabling and Securing Web Access Log Filesp. 98
Your A** is Covered if You...p. 114
Advanced Web Server Security Configurationp. 115
In this Chapterp. 115
Configuring Authenticationp. 116
The Authentication Processp. 117
Configuring Anonymous Authenticationp. 118
Configuring Basic Authenticationp. 120
Configuring Digest Authenticationp. 122
Configuring Advanced Digest Authenticationp. 125
Configuring Integrated Windows Authenticationp. 126
Configuring UNC Authenticationp. 131
Passport Authenticationp. 132
Configuring SubAuthenticationp. 132
Configuring Delegationp. 133
Configuring IIS User Accountsp. 135
IIS 6.0 Running in Worker Process Modep. 136
Changing the Process Identity of a Web Application Poolp. 138
Other User Accounts--IUSR_[left angle bracket]machinename[right angle bracket]p. 139
IIS 6.0 Running in IIS5 Isolation Modep. 139
IWAM_[left angle bracket]computername[right angle bracket] Accountp. 141
ASPNET Accountp. 142
IUSR_[left angle bracket]machinename[right angle bracket]p. 142
Configuring URLScanp. 142
Configuring URLScan.inip. 143
Other Sectionsp. 148
Configuring Your Server to Use SSLp. 150
Generating a Certificate Requestp. 153
Submitting a Certificate Requestp. 156
Installing an Issued Certificatep. 158
Managing your Website Certificatesp. 160
Configuring IIS SSL Optionsp. 161
Configuring URL Authorization with the Authorization Managerp. 163
Creating the Authorization Storep. 164
Configuring Access to the Authorization Storep. 166
Creating a New Applicationp. 166
Creating an Operationp. 167
Creating a Scopep. 168
Creating a Rolep. 169
Configuring IIS 6.0p. 172
Testing the Authorization Storep. 175
Configuring Custom Error Messagesp. 175
The Default ASP Error Messagep. 176
Configuring a Basic ASP Error Messagep. 178
Configuring a Custom ASP Error Messagep. 179
Configuring a Custom ASP.NET Error Messagep. 182
Securing Include Filesp. 184
Disabling Parent Pathsp. 187
Configuring IP Address, TCP Port and Host-Header combinationsp. 189
Your A** is Covered if You...p. 192
Securing Application Poolsp. 195
In this Chapterp. 195
Application Poolsp. 196
Creating Application Poolsp. 198
Configuring Application Poolsp. 198
Configuring Application Pool Identitiesp. 200
Isolating Web Applicationsp. 203
Understanding User Impersonationp. 207
Your A** is Covered if You...p. 209
Securing FTP Sitesp. 211
In this Chapterp. 211
Configuring FTP Sitesp. 212
Relocate the Default FTP Root Pathp. 213
Configure FTP Messagesp. 214
Configure the FTP Directory Output Stylep. 216
Securing FTP Resourcesp. 216
Configuring FTP User Isolationp. 221
Do NOt Isolate Usersp. 222
Isolate Usersp. 223
Isolate Users Using Active Directoryp. 224
Securing the FTP Connectionp. 227
Enabling and Securing the FTP Access Log Filep. 232
Your A** is Covered if You...p. 238
Securing SMTP and POP3 Servicesp. 239
In This Chapterp. 239
Configuring SMTP Virtual Serversp. 240
Creating Additional SMTP Serversp. 241
Configuring Additional Domainsp. 242
Configuring SMTP Server Foldersp. 244
Enable Loggingp. 246
Other Configuration Optionsp. 249
SMTP Virtual Server Securityp. 252
Configuring Authenticationp. 253
Configuring Connection Controlsp. 254
Configuring Transport Layer Securityp. 256
Configuring Relay Controlsp. 257
Configuring and Securing the POP3 Serverp. 260
Initial Configurationp. 262
Configuring Mailboxesp. 265
Your A** is Covered if You...p. 267
Securing NNTP Virtual Serversp. 269
In this Chapterp. 269
Configuring NNTP Virtual Serversp. 270
Managing NNTP Newsgroupsp. 279
Securing NNTP Newsgroupsp. 287
Enabling and Securing NNTP Access Log Filesp. 296
Your A** is Covered if You...p. 302
Securing Certificate Servicesp. 303
In this Chapterp. 303
Understanding Certificate Servicesp. 304
Certificate Authority and its Structurep. 306
Configuring Certificate Servicesp. 308
Configuring Your Certificate Authorityp. 308
Securing Certificate Services Web Enrollment Supportp. 317
Web Enrollment Virtual Directory Permissionsp. 318
Authenticating Web Enrollmentp. 319
Restricting Access to Protect your Web Enrollmentp. 320
Monitoring Certificate Services Web Enrollment Accessp. 323
Your A** is Covered if You...p. 324
Securing Web Publishingp. 327
In This Chapterp. 327
Configuring and Securing WebDAV Publishingp. 328
Installing and Enabling WebDAVp. 328
Configuring and Securing WebDAVp. 330
Configuring and Security FrontPage Server Extensionsp. 335
Installing FrontPage Server Extensionsp. 336
Enabling FPSE Authoringp. 338
Securing your FPSE Virtual Hostp. 342
Your A** Is Covered If You...p. 347
Securing Internet Printingp. 347
In this Chapterp. 347
Configuring Internet Printingp. 348
Securing Internet Printingp. 354
Monitoring Internet Printing Accessp. 357
Your A** is Covered if You...p. 359
Monitoring Internet Information Services (IIS) 6.0p. 361
In this Chapterp. 361
Monitoring Site Activities Loggingp. 362
Monitoring Event Viewer Loggingp. 367
Monitoring HTTP API Error Loggingp. 373
Monitoring URLScan Loggingp. 380
Your A** is Covered if You...p. 384
Indexp. 385
Table of Contents provided by Ingram. All Rights Reserved.

ISBN: 9781931836258
ISBN-10: 1931836256
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 352
Published: 1st May 2004
Publisher: Syngress Media,U.S.
Country of Publication: US
Dimensions (cm): 22.9 x 15.2  x 2.44
Weight (kg): 0.55