In general, follow these best practices:
1) Install all service packs
2) Install all hotfixes that may apply to your site
3) Install URLScan (once you understand how it works): http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32571
4) Restrict NTFS file permissions
5) Remove any unwanted application mappings
Regarding troubleshooting the problem you're having with authentication, first verify that anonymous authentication is enabled. To do this, check the Security tab of your Website's properties. If that's enabled, verify that the anonymous IIS user is enabled and has Read access to the files your users are attempting to access.
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.