• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 299
  • Last Modified:

Securing iis by installing xp in a different folder

I am right in saying that this is not possible unless there is an existing xp installation already located in the C drive. For security reasons it is then possible to install another copy of xp in say H:/dppfddn/ which is supposed to make it hard for the hacker to find it. But then what happens to the other xp in the C drive. I have created the H:/dppfddn/ file by placing the hard disk in another machine but when I try to install xp into this directory on the original machine I can select the partition and select the drive H:/ but there is no way to select the dppfddn/ folder, the only choice I have is to overwrite the entire partition when I install xp.
In all the articles I have read about this issue they all mention this issue at the end rather than at the beginning. Does anyone know an article that gives clear instructionseft on this issue.
0
kempvet
Asked:
kempvet
  • 3
3 Solutions
 
rhrowsonCommented:
You can move the inetpub directory by following these instructions from MS.

http://support.microsoft.com/default.aspx?scid=kb;en-us;261002
0
 
rhrowsonCommented:
By the way moving the Inetpub folder is security through obscurity. DO not neglect other things like patching the box up to date, hardening directories, the registry - the list goes on. MS have  alot of documentaiton on IIS hardening
0
 
Rich RumbleSecurity SamuraiCommented:
IIS lock down and best practices, like using AV, a firewall, and keeping up on M$ patches and updates... Security is a process not a program, and secruity through obsecurity is a small small small attempt to through someone off. The compromise will still happen to the RUNNING os even if you've managed to install another that looks similar... it won't fool IIS, or your hacker.
http://www.microsoft.com/downloads/details.aspx?FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC&displaylang=en
http://www.securityfocus.com/infocus/1755
http://www.windowsecurity.com/articles/Locking_Down_IIS_60_with_NET_The_Default_Security_Wizard.html
(use apache as a webserver)
-rich
0
 
rhrowsonCommented:
As Rich says, go through the security process, whether it is Windows and IIS or Windoww snad apache, Linux and apache. (You get the picture). All OS's are vulnerable - just some are harder to break than others. NT4 is definitely a bit of a sieve and Windows 2000 pre SP3 is the same. Unfortuately Apache also has a range of vulnerabilities. Some of which are the same as for IIS and others are different.

People have written books on why to use one web server over another. You neeed to weigh the facilities you need, and your abilities to configure them before deciding which web server to use.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now