Don't worry: the following ten simple steps will let you rest easier. The article is laid out in detail below; we hope you can draw lessons from it.
Use the following 10 steps to protect IIS:
1. Set up a dedicated NTFS volume for the IIS applications and data. If at all possible, do not let IUSR (or whatever anonymous account IIS runs requests under) access any other volume. If an application fails because the anonymous user cannot reach a program on another volume, use Sysinternals' Filemon (today, Process Monitor) right away to find which file access is being denied, then move that program onto the IIS volume. If that is not possible, grant IUSR access to that one file only.
2. Set the NTFS permissions on that volume as follows:
Developers = Full Control (on a production server, consider Modify instead, so developers cannot rewrite the ACLs themselves)
IUSR = Read and Execute only
SYSTEM and Administrators = Full Control
3. Use a software firewall to confirm that end users cannot reach any port on the IIS computer other than port 80 (and 443 if the site serves HTTPS).
4. Lock down the computer with the Microsoft tools IIS Lockdown and URLScan. (These target IIS 4.0 through 6.0; on IIS 7.0 and later the same job is done by the built-in Request Filtering module.)
5. Enable IIS logging. Besides the IIS logs, enable the firewall's event logging as well if you can.
6. Move the log files out of their default location and make sure they are backed up. Keep a duplicate copy of each log file, so that the copy held in the second location is still available if the original is tampered with or lost.
7. Enable Windows auditing on the computer, because when we try to trace an attacker's actions we always find that we lack enough data. Have a script read the audit log and send a report to the administrator; you may even have the script scan the log for suspicious activity. That may sound extreme, but if security matters to your organization it is the best option. At minimum, set up auditing to report every failed account logon. As with the IIS log files, move the security event log from its default location (C:\winnt\system32\config\secevent.log on Windows NT; SecEvent.Evt on Windows 2000/XP/2003, and Security.evtx under System32\winevt\Logs since Vista) to another location, and make sure it is backed up and duplicated.
8. In general, do your best to find articles on security from a variety of sources and put their advice into practice. On IIS and security practice in particular, they will often tell you something better than what you already know; and do not simply take what other people (including me) tell you on trust.
9. Subscribe to an IIS vulnerability mailing list and read it promptly. One such list is the X-Force Alerts and Advisories from Internet Security Systems (ISS).
10. Finally, make sure you update Windows regularly and verify that the patches have actually been installed.
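The following script is an added example, not part of the original article, that carries out steps 2, 3, 5, 6, 7 and 10 above on a current Windows Server with IIS 7.0 or later, using today's equivalents of the tools the article names (icacls and the NetSecurity cmdlets in place of a third-party firewall, auditpol and wevtutil for the security log, the WebAdministration module for the IIS log path). Everything specific to the host is an assumption: the dedicated IIS volume is D:, the developer group is a local group named "Developers", anonymous requests run as the built-in IUSR account, the management subnet is 10.0.0.0/24, and the off-box copy goes to a hypothetical share \\backup01\iislogs.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article). Assumed values: D: is the dedicated IIS
# volume, "Developers" is a local group, IIS runs anonymous requests as IUSR,
# 10.0.0.0/24 is the admin subnet, \\backup01\iislogs is a hypothetical share.

$IisVolume   = 'D:\'
$LogDir      = 'D:\IISLogs'
$SecLogDir   = 'D:\SecLogs'
$AdminSubnet = '10.0.0.0/24'           # assumed
$BackupShare = '\\backup01\iislogs'    # hypothetical

# --- Step 2: NTFS permissions on the IIS volume -----------------------------
# /inheritance:r drops inherited ACEs; (OI)(CI) makes each grant propagate to
# files and subfolders below the root. IUSR gets Read and Execute only.
icacls $IisVolume /inheritance:r `
    /grant:r 'Developers:(OI)(CI)F' `
             'IUSR:(OI)(CI)RX' `
             'SYSTEM:(OI)(CI)F' `
             'Administrators:(OI)(CI)F'

# --- Step 3: only port 80 reachable from end users --------------------------
# Block inbound by default, then allow HTTP. Blocking by default also drops RDP,
# so an admin-subnet rule is added first to avoid locking yourself out.
New-NetFirewallRule -DisplayName 'Admin RDP' -Direction Inbound -Protocol TCP `
    -LocalPort 3389 -RemoteAddress $AdminSubnet -Action Allow
New-NetFirewallRule -DisplayName 'IIS HTTP' -Direction Inbound -Protocol TCP `
    -LocalPort 80 -Action Allow
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# --- Steps 5 and 6: IIS logging on, logs moved off the default path ---------
Import-Module WebAdministration
New-Item -ItemType Directory -Path $LogDir -Force | Out-Null
Set-WebConfigurationProperty -Filter 'system.applicationHost/sites/siteDefaults/logFile' `
    -Name enabled -Value $true
Set-WebConfigurationProperty -Filter 'system.applicationHost/sites/siteDefaults/logFile' `
    -Name directory -Value $LogDir
# Sites that override siteDefaults need the change applied individually.
Get-ChildItem IIS:\Sites | ForEach-Object {
    Set-ItemProperty "IIS:\Sites\$($_.Name)" -Name logFile.directory -Value $LogDir
}

# --- Step 7: Windows auditing, security log relocated -----------------------
auditpol /set /subcategory:"Logon" /failure:enable
auditpol /set /subcategory:"Account Lockout" /failure:enable
New-Item -ItemType Directory -Path $SecLogDir -Force | Out-Null
# The new path is used once the Event Log service restarts; on a production
# host a scheduled reboot is the safe way to apply it.
wevtutil sl Security /lf:"$SecLogDir\Security.evtx"

# --- Step 7 continued: report of failed logons (event ID 4625) ---------------
function Get-FailedLogonReport {
    param([int]$Hours = 24)
    $since  = (Get-Date).AddHours(-$Hours)
    $events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $since } `
        -ErrorAction SilentlyContinue
    # In a 4625 event, Properties[5] is TargetUserName and Properties[19] is IpAddress.
    $events | ForEach-Object {
        [pscustomobject]@{
            Account = $_.Properties[5].Value
            Source  = $_.Properties[19].Value
        }
    } | Group-Object Account, Source | Sort-Object Count -Descending |
        Select-Object Count, @{ n = 'Account, Source'; e = { $_.Name } }
}
$report = Get-FailedLogonReport -Hours 24
$report | Format-Table -AutoSize | Out-String | Out-File "$SecLogDir\failed-logons.txt"
# Swap Out-File for Send-MailMessage (or your ticketing API) to deliver the
# report to the administrator as the article suggests.

# --- Step 6 continued: second copy of every log, off the box ----------------
robocopy $LogDir $BackupShare /E /R:2 /W:5 /NP | Out-Null

# --- Step 10: confirm that patches were really installed ---------------------
Get-HotFix | Sort-Object InstalledOn -Descending |
    Select-Object -First 10 HotFixID, Description, InstalledOn
```

Run it once interactively to apply the settings, then schedule only the `Get-FailedLogonReport` and `robocopy` parts (for example with a daily scheduled task) so the report and the off-box log copy are produced without re-applying the ACL and firewall changes. Note that the firewall profile change takes effect immediately, which is why the admin-subnet rule is created before the default inbound action is switched to Block.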