I have an application running on the default Web instance in IIS.  My
question is that if I installed application on the default instance of IIS i
s
there any security breaches or questions for concern by having it installed
on the first default Web instance.  I would think that by changing the name
of this first instance that there would be no difference then creating in
other instance called "ABC".  If anyone could please comment on this you
would be very appreciated also if this is a security breach does anybody hav
e
any Microsoft documents to say that it is or better yet it's not

Regards,

Brian

[ Post a follow-up to this message ]

On Wed, 24 Aug 2005 06:02:37 -0700, "Brian"
<Brian@discussions.microsoft.com> wrote:

>I have an application running on the default Web instance in IIS.  My
>question is that if I installed application on the default instance of IIS 
is
>there any security breaches or questions for concern by having it installed
>on the first default Web instance.  I would think that by changing the name
>of this first instance that there would be no difference then creating in
>other instance called "ABC".  If anyone could please comment on this you
>would be very appreciated also if this is a security breach does anybody ha
ve
>any Microsoft documents to say that it is or better yet it's not

All instances have the same security issues.  There's nothing special
about the default site.  If you're worried, and there's no reason to
be more worried than with any other site, delete the default site then
create a new one.

Jeff

[ Post a follow-up to this message ]

Thanks Jeff,

I just need to hear this from someelse other then myself.  Have you used the
MS IIS harding utility?

"Jeff Cochran" wrote:

> On Wed, 24 Aug 2005 06:02:37 -0700, "Brian"
> <Brian@discussions.microsoft.com> wrote:
> 
>
> All instances have the same security issues.  There's nothing special
> about the default site.  If you're worried, and there's no reason to
> be more worried than with any other site, delete the default site then
> create a new one.
>
> Jeff
>

[ Post a follow-up to this message ]

On Mon, 29 Aug 2005 20:18:03 -0700, "Brian"
<Brian@discussions.microsoft.com> wrote:

>Thanks Jeff,
>
>I just need to hear this from someelse other then myself.  Have you used th
e
>MS IIS harding utility?

It's a checklist really.  And you need to look at what you're changing
and understand what it does, since following the checklists will limit
some functionality.  Which is fine if you don't need that
functionality.

Jeff
[vbcol=seagreen]
>"Jeff Cochran" wrote:
> 

[ Post a follow-up to this message ]