Securing IIS 5.0 Resource Guide
Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
Secure the Windows 2000 operating system, including installing all service packs and critical updates, as described in the Securing Windows 2000 Server Resource Guide.
Run the IIS Lockdown Tool, which includes URLScan. Customize the URLScan configuration to your application requirements.
Read the From Blueprint to Fortress: A Guide to Securing IIS 5.0 white paper.
Follow the steps in: Manage Security of Your Windows IIS Web Services.
Follow the Secure Internet Information Services 5 Checklist.
Review the National Security Agency’s Guide to the Secure Configuration and Administration of Microsoft Internet Information Services 5.0.
On This Page
Ongoing Security Maintenance
Additional Security Resources
Ongoing Security Maintenance
Without ongoing maintenance, your system can become vulnerable to new forms of attacks. Further, the security of your system will degrade over time due to human error of administrators managing the system. Follow these recommended steps on a regular basis:
Use the Baseline Security Analyzer regularly to scan and evaluate the security of your system.
Subscribe to the Microsoft Security Notification Service. This is a free email notification service that Microsoft uses to send information to subscribers about the security of Microsoft products.
Use the Microsoft Update Web site to check for the latest Recommended and Critical updates.
Configure Automatic Updates to automatically notify you of the availability of new security fixes. If possible, configure Automatic Updates to automatically download updates and install them without manual intervention. For more control over updates, use Microsoft Software Update Services, Microsoft Systems Management Server, or a similar solution to reduce the labor associated with deploying patches.
As new security fixes become available, it is important to apply these new fixes. Microsoft has created the Qchain tool to chain hotfixes together in order for only one reboot to be required when installing several fixes.