This tip was submitted to the SearchSecurity.com Tip Exchange Contest by user Ross Tsolakidis. Let other users know how useful it is and help Ross win a prize by rating the tip below.
I've
Requires Free Membership to View
When you register, my team of editors will also send you the latest expert resources covering pertinent IT topics such as Windows server backup and recovery, server administration, storage management, infrastructure security, virtualization, Hyper-V, Active Directory and Group Policy.
Cathleen A. Gagne, Senior Editorial Director
seen a lot of people install a Windows 2000 server while the machine is connected to the
network (live IP address). What they are unaware of is as soon as the install is completed and the
Web server reboots, they are vulnerable to all the exploits that IIS has "out of the box," and that
is a LOT.
I've seen Web servers attacked within seconds of going live, i.e., Code Red Worm. You'd be surprised how many people do this!
Here's the way I install a server:
- I make sure the server is unplugged from the network while installing the OS.
- Once the OS install has been completed and the machine reboots, I stop IIS completely via the IIS console.
- Now I plug it into the network.
- Next, I update all the patches and Service Packs.
- I reboot the server, start IIS again and I'm done. If you do what I do, you won't have a
vulnerable Web server live on the Internet while you are patching it.
This was first published in March 2002