[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

IIS Attacks

Posted on 2004-04-13
8
Medium Priority
?
256 Views
Last Modified: 2013-12-04
Hi,

I am new to IIS security and am wondering a couple of things:
1) We log the events of our iis machine, how can i tell if someone is trying to break into our server from the log files?
2) Is there any where i can find advice on security polices and implementation of iis?
0
Comment
Question by:cossy74
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 49

Assisted Solution

by:sunray_2003
sunray_2003 earned 1000 total points
ID: 10819245
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10819247
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10819392
You can also check out what hacker behaviour looks like with a program like Nessus, as it is a popular hacker tool. Or implement and IDS like Snort. Gfi Languard network security scanner is also a valuable assessment threat tool. Nessus is more up2date and regular audits should be run often on your network. An IDS like snort can alert you in real-time when an attack may be occuring.  The links above did not mention the IIS lockdown tool... http://www.microsoft.com/windows2000/downloads/recommended/iislockdown/default.asp This can help alot... please test.
http://www.nessus.org/
http://www.gfi.com/lannetscan/
http://www.snort.org/
GL!
-rich
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 12

Expert Comment

by:trywaredk
ID: 10820859
How to secure your Internet Information server for Windows 2000 (IIS 5.0)
http://www.zensecurity.co.uk/default.asp?URL=IIS5

Comparing Microsoft Security and Acceleration (ISA) Server 2000 and Windows Xp Internet Connection Firewall
http://www.microsoft.com/isaserver/techinfo/planning/isaicfcompare.asp

HOW TO: Access Network Files from IIS Applications
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q207/6/71.ASP&NoWebContent=1#8

IIS 5: HiSecWeb Potential Risks and the IIS Lockdown Tool (Q316347) - A security template for configuring IIS.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q316347&id=Q316347

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 1000 total points
ID: 10820863
CERT Coordination Center: How to recover an already compromised system
http://www.cert.org/tech_tips/win-UNIX-system_compromise.html

HACKYOURSELF scan: TCP Scan (65534 ports),UDP scan (800+ ports), and Netbios Scan
http://www.hackerwhacker.com/ 

IPEye is a freeware TCP port scanner
http://www.ntsecurity.nu/toolbox/ipeye/

Port scan: Get an instant security analysis now. You don't even need to know your own IP address!
http://www.dslreports.com/scan

Shields UP! quickly checks the SECURITY of YOUR computer's connection to the Internet.
https://grc.com/x/ne.dll?bh0bkyd2

Sygate free scanning your security: quick, stealth, trojan, tcp, udp, icmp
http://scan.sygatetech.com/

If you DO NOT NEED to share files across the Internet
http://grc.com/su-fixit.htm

Security Features of Internet Connection Sharing
http://support.microsoft.com/default.aspx?scid=kb;en-us;q241570
 
0
 

Author Comment

by:cossy74
ID: 10855738
I split the points because both where very helpful in the topic.. thanks
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10855753
Thanks so much
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10863095
:o) Glad we could help you - thank you for the points
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question