Solved

IIS security question

Posted on 2006-06-22
4
182 Views
Last Modified: 2011-09-20
I currenty have my email gateway server running on a windows 2003 server.  I'm using GFI Mail Essentials/Security for my spam/virus/trojan scanner.  This server is also a front end Exchange server.  It provides OWA access to my remote users.  OWA is being accessed via SSL.  This leaves only the SMTP and SSL ports open on the firewall to this server.  I'm wanting to move my intranet website to this server.  It will be only accessible from within the LAN.  I will NOT be opening up port 80 on the firewall.  This this an okay configuration in regards to security, or, should I look at adding another layer of security?
0
Comment
Question by:gopher_49
  • 2
  • 2
4 Comments
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 16962362
I personally do not see any particular problem with this.

It will not reduce security on the server but it may increase the damage that can be done if someone does manage to penetrate the server.

Dave Dietz
0
 

Author Comment

by:gopher_49
ID: 16969182
What can I do to monitor the security of IIS and to help moderate the damage if the server is compromised.  I guess once it's penetrated it's a done deal...  I know of the IIS lock down tool, and the url scanner, however, what else is there to improve the security of IIS?
0
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 250 total points
ID: 16972262
Neither the IIS lockdown tool or URLScan improves the security of IIS 6.0 - their basic functionality is already built into IIS 6.0.

IIS 6.0 installs in a locked down configuration by default.  As long as you only enable the features your site requires you shouldn't really need to do anything else aside from make sure you stay current with security updates.

Beyond that I would suggest checking the logs routinely for suspect behavior, but if you wil only be accessing the Intranet site from within your own network you shouldn't need to worry too much.

As far as moderting the damage - not sure what to say here aside from make sure the machine is *not* a DC or else a penetration will have domain wide effects and be sure to properly permission all content so that if the penetration doesn't involve an admin account the perpetrator can't access everything.

Dave Dietz
0
 

Author Comment

by:gopher_49
ID: 16972717
thanks.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question