?
Solved

Securing iis by installing xp in a different folder

Posted on 2004-05-01
4
Medium Priority
?
296 Views
Last Modified: 2013-12-04
I am right in saying that this is not possible unless there is an existing xp installation already located in the C drive. For security reasons it is then possible to install another copy of xp in say H:/dppfddn/ which is supposed to make it hard for the hacker to find it. But then what happens to the other xp in the C drive. I have created the H:/dppfddn/ file by placing the hard disk in another machine but when I try to install xp into this directory on the original machine I can select the partition and select the drive H:/ but there is no way to select the dppfddn/ folder, the only choice I have is to overwrite the entire partition when I install xp.
In all the articles I have read about this issue they all mention this issue at the end rather than at the beginning. Does anyone know an article that gives clear instructionseft on this issue.
0
Comment
Question by:kempvet
  • 3
4 Comments
 
LVL 7

Expert Comment

by:rhrowson
ID: 10966999
You can move the inetpub directory by following these instructions from MS.

http://support.microsoft.com/default.aspx?scid=kb;en-us;261002
0
 
LVL 7

Assisted Solution

by:rhrowson
rhrowson earned 450 total points
ID: 10967000
By the way moving the Inetpub folder is security through obscurity. DO not neglect other things like patching the box up to date, hardening directories, the registry - the list goes on. MS have  alot of documentaiton on IIS hardening
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 300 total points
ID: 10967613
IIS lock down and best practices, like using AV, a firewall, and keeping up on M$ patches and updates... Security is a process not a program, and secruity through obsecurity is a small small small attempt to through someone off. The compromise will still happen to the RUNNING os even if you've managed to install another that looks similar... it won't fool IIS, or your hacker.
http://www.microsoft.com/downloads/details.aspx?FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC&displaylang=en
http://www.securityfocus.com/infocus/1755
http://www.windowsecurity.com/articles/Locking_Down_IIS_60_with_NET_The_Default_Security_Wizard.html
(use apache as a webserver)
-rich
0
 
LVL 7

Assisted Solution

by:rhrowson
rhrowson earned 450 total points
ID: 10968358
As Rich says, go through the security process, whether it is Windows and IIS or Windoww snad apache, Linux and apache. (You get the picture). All OS's are vulnerable - just some are harder to break than others. NT4 is definitely a bit of a sieve and Windows 2000 pre SP3 is the same. Unfortuately Apache also has a range of vulnerabilities. Some of which are the same as for IIS and others are different.

People have written books on why to use one web server over another. You neeed to weigh the facilities you need, and your abilities to configure them before deciding which web server to use.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Integration Management Part 2
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month15 days, 2 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question