|
Home > Archive > IIS Server Security > January 2004 > New to IIS Security
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
New to IIS Security
|
|
| Darkangel 2004-01-24, 2:02 am |
| Hello All,
I am new to the world of IIS.
I have heard a lot about the hacking on IIS server.
I would appreciate if some body can please show me some guides, where
in i can not only test my server by breaking into it but also harden
it.
I want a sort of how-to book where in i can get to know what settings
i do, can make me wrong and that can make my server insecure.
Like if i host my website where every group has got full control. I
know it is dangerous but how can my server be hacked then? I want to
know that.
Thanks
Darkangel.
| |
| Jeff Cochran 2004-01-24, 2:02 am |
| On 22 Jan 2004 06:41:10 -0800, darkangelforyou2003@yahoo.com
(Darkangel) wrote:
quote:
>I am new to the world of IIS.
>I have heard a lot about the hacking on IIS server.
>I would appreciate if some body can please show me some guides, where
>in i can not only test my server by breaking into it but also harden
>it.
>I want a sort of how-to book where in i can get to know what settings
>i do, can make me wrong and that can make my server insecure.
>
>Like if i host my website where every group has got full control. I
>know it is dangerous but how can my server be hacked then? I want to
>know that.
You want:
http://securityadmin.info/
http:/www.microsoft.com/technet/security
http://www.iisfaq.com/
Plus a lot of basic Windows security info is needed, a good admin book
will help there.
Jeff
| |
| Darkangel 2004-01-24, 2:02 am |
| Thanks
For your suggestion pal, but if you can still tell me where can i find
various expolits and how can they work in my test environment can help
me a lot.
Using these steps i will always be ahead of the hackers who might try
to bring my site down.
Darkangel
hran.nospam@naplesgov.com (Jeff Cochran) wrote in message news:<40104307.625551815@msnews.microsoft.com>...quote:
> On 22 Jan 2004 06:41:10 -0800, darkangelforyou2003@yahoo.com
> (Darkangel) wrote:
>
>
> You want:
>
> http://securityadmin.info/
> http:/www.microsoft.com/technet/security
> http://www.iisfaq.com/
>
> Plus a lot of basic Windows security info is needed, a good admin book
> will help there.
>
> Jeff
| |
| Jeff Cochran 2004-01-24, 2:02 am |
| On 22 Jan 2004 21:25:21 -0800, darkangelforyou2003@yahoo.com
(Darkangel) wrote:
quote:
> Thanks
quote:
>For your suggestion pal,
You're welcome "bud". Though I'm not certain I'm interested in being
your "pal".
quote:
>but if you can still tell me where can i find
>various expolits and how can they work in my test environment can help
>me a lot.
I don't know your test environment, but any search through the various
hacker/cracker resources will give you plenty. Those you'll need to
delve into on your own, though if you'd actually used Google to search
for "hack IIS" you wouldn't be asking this question.
quote:
>Using these steps i will always be ahead of the hackers who might try
>to bring my site down.
No you won't. Anytime you find hacker information, it's already being
used. You'll always be behind in the game. Besides, why would you
think one guy, even working double shifts, could ever get ahead of
thousands of individuals with varying talents, many of whom are
smarter, more experienced and more determined than you?
Jeff
[QUOTE][color=darkred]
>Darkangel
>
>
>hran.nospam@naplesgov.com (Jeff Cochran) wrote in message news:<40104307.625551815@msnews.microsoft.com>...
|
|
|
|
|