Is Microsoft IIS really so "unsafe"? (3)

Source: Internet
Author: User
Tags file system iis strong password microsoft iis
This list of IIS 5.0 does not mention several other measures that can be used to protect any computer connected to the network. These measures are very basic, but often overlooked:

Cancel the "netbios over tcp/ip" setting at least on the transmitter (adapter) connected to the network.

Do not bind client and server-side services on the same adapter TCP/IP.

The more services are stopped on the server the better. Services that can be considered for deactivation include: Alerter, ClipBook server, DHCP client, Directory Replicator, FTP Publishing Service, License Logging service, Messen GER, Netlogon, network dde, network DDE DDM, network Monitor, remote Access Server, remote Procedure call Locator, Schedul e Server, Simple Services, Spooler, TCP/IP NetBIOS Helper, and telephone Service.

The use of good user management, adhere to the use of a secure password (strong password), remove such as "guest" and other useless accounts, the rights of anyone to control.

Nosratinia offers another less common recommendation. First, she recommends deleting the "administrator" account (or removing it from all team members forms) and creating a new administrator account with a rare name (odd name). She also recommends using the Encrypting File System for all online content (Encrypted file system,efs), so that even if an intruder can paralyze the system, it can at least prevent them from changing the content of the site.

Unlike the traditional practice of assigning permissions to a consumer group (group), Nosratinia recommends assigning permissions to a single user (individual) account. She said that in order to get into the system, the hacker had to "enter a user group with a higher privilege level than the account he was using." "The use of a single user's account (rather than a group of users) can be a deterrent in this process.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.