Solved

Securing iis by installing xp in a different folder

Posted on 2004-05-01
4
292 Views
Last Modified: 2013-12-04
I am right in saying that this is not possible unless there is an existing xp installation already located in the C drive. For security reasons it is then possible to install another copy of xp in say H:/dppfddn/ which is supposed to make it hard for the hacker to find it. But then what happens to the other xp in the C drive. I have created the H:/dppfddn/ file by placing the hard disk in another machine but when I try to install xp into this directory on the original machine I can select the partition and select the drive H:/ but there is no way to select the dppfddn/ folder, the only choice I have is to overwrite the entire partition when I install xp.
In all the articles I have read about this issue they all mention this issue at the end rather than at the beginning. Does anyone know an article that gives clear instructionseft on this issue.
0
Comment
Question by:kempvet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 7

Expert Comment

by:rhrowson
ID: 10966999
You can move the inetpub directory by following these instructions from MS.

http://support.microsoft.com/default.aspx?scid=kb;en-us;261002
0
 
LVL 7

Assisted Solution

by:rhrowson
rhrowson earned 150 total points
ID: 10967000
By the way moving the Inetpub folder is security through obscurity. DO not neglect other things like patching the box up to date, hardening directories, the registry - the list goes on. MS have  alot of documentaiton on IIS hardening
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 100 total points
ID: 10967613
IIS lock down and best practices, like using AV, a firewall, and keeping up on M$ patches and updates... Security is a process not a program, and secruity through obsecurity is a small small small attempt to through someone off. The compromise will still happen to the RUNNING os even if you've managed to install another that looks similar... it won't fool IIS, or your hacker.
http://www.microsoft.com/downloads/details.aspx?FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC&displaylang=en
http://www.securityfocus.com/infocus/1755
http://www.windowsecurity.com/articles/Locking_Down_IIS_60_with_NET_The_Default_Security_Wizard.html
(use apache as a webserver)
-rich
0
 
LVL 7

Assisted Solution

by:rhrowson
rhrowson earned 150 total points
ID: 10968358
As Rich says, go through the security process, whether it is Windows and IIS or Windoww snad apache, Linux and apache. (You get the picture). All OS's are vulnerable - just some are harder to break than others. NT4 is definitely a bit of a sieve and Windows 2000 pre SP3 is the same. Unfortuately Apache also has a range of vulnerabilities. Some of which are the same as for IIS and others are different.

People have written books on why to use one web server over another. You neeed to weigh the facilities you need, and your abilities to configure them before deciding which web server to use.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question