In addition to the IIS 5.0 security checklist, Microsoft offers a number of other useful tools to ensure the security of IIS installations. Microsoft maintains a list of discovered vulnerability fixes. The list is comprehensive, but it's not prioritized, so you might be able to install some of the fixes you don't need.
Microsoft also wants to know about any security vulnerabilities you have found. But the company is hoping that when you report a vulnerability, do not disclose it before Microsoft finds a fix for the problem.
To quickly learn about other vulnerabilities in Windows 2000 and IIS, you can subscribe to the Microsoft Security Notification Service Newsletter. To subscribe to the newsletter, send an empty letter (blank message) to microsoft_security-subscribe-request@announce.microsoft.com. More details can be found here. This newsletter describes security issues that are posted at Microsoft or other sites. In addition, Microsoft outlines how to solve a problem, and they also provide relevant responses to the problem quickly.
Web site on server security
The following Web sites provide issues related to server security:
•
Carnegie Mellon CERT Coordination Center
•
Windows IT Security
•
SANS Institute Online
•
Beyond Security/securiteam
•
SecurityFocus
In addition to general information, Microsoft now offers a number of new tools to protect Web sites that are installed on Windows 2000. The Hot fix Checking Tool tool provided for IIS5.0 ensures that your site gets all the latest security fixes. It can display an error message when a security fix is missing, or write a warning message to the event log.
Another convenient tool provided by Microsoft is Windows Internet Server security Configuration Tool for Internet Information Server 5.0. By using a single consumer interface, it simplifies the complex procedures for registry settings (Registry settings) and security Policies in Security configuration. It uses a wizard-like user interface to understand your needs and then make configuration for the server.
The last security tool is the IIS secure planning Tool. This tool provides configuration options that are appropriate for the type of server you are setting up to help with proper security configuration. A complete list of available IIS security tools can be obtained from the Microsoft TechNet Web site.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
