How to safely install IIS

A SearchSecurity.com member offers this advice for safely installing Microsoft's IIS.



This tip was submitted to the SearchSecurity.com Tip Exchange Contest by user Ross Tsolakidis. Let other users know how useful it is and help Ross win a prize by rating the tip below.

 


I've seen a lot of people install a Windows 2000 server while the machine is connected to the network (live IP address). What they are unaware of is as soon as the install is completed and the Web server reboots, they are vulnerable to all the exploits that IIS has "out of the box," and that is a LOT.

I've seen Web servers attacked within seconds of going live, i.e., Code Red Worm. You'd be surprised how many people do this!

Here's the way I install a server:

  • I make sure the server is unplugged from the network while installing the OS.
  • Once the OS install has been completed and the machine reboots, I stop IIS completely via the IIS console.
  • Now I plug it into the network.
  • Next, I update all the patches and Service Packs.
  • I reboot the server, start IIS again and I'm done. If you do what I do, you won't have a vulnerable Web server live on the Internet while you are patching it.
This was first published in March 2002

Dig deeper on Microsoft Active Directory Design and Administration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close