Building a Windows 2003 DMZ Server without ISA
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > Web Servers reviews > IIS server support > IIS Server Security > Building a Windows 2003 DMZ Server without ISA




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    Building a Windows 2003 DMZ Server without ISA  
johnpaul.temple@gmail.com


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
10-24-05 04:03 PM

hi

I am planning on building a Windows 2003 Web Server and placing into a
DMZ, with cisco PIX on each side.

I have found only a few documents that describe how to configure the
Windows Server without using ISA.  Has anyone got any tips or
suggestions for this sort of scenario?

We don't have a copy of ISA and I don't think there are any plans to
purchase it in the near future, which is why I am planning on building
this DMZ without it.

thanks in advance

JP




[ Post a follow-up to this message ]



    Re: Building a Windows 2003 DMZ Server without ISA  
Chris Weber [Security MVP]


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
10-24-05 04:03 PM

I would refer you to the  Windows Server 2003 Security Guide at
http://www.microsoft.com/technet/se...0
0.mspx

In general, IIS 6 in Win2k3 is pretty nice out of the box - ASP disabled,
IIS lockdown preconfigured etc.  So as long as you lockdown your perimeter
firewall to only allow TCP 80 and/or 443 you should be okay, provided you
dont change too many IIS settings or roll out an insecure web application.

Chris Weber




<johnpaul.temple@gmail.com> wrote in message
news:1129712571.876667.111500@g49g2000cwa.googlegroups.com...
> hi
>
> I am planning on building a Windows 2003 Web Server and placing into a
> DMZ, with cisco PIX on each side.
>
> I have found only a few documents that describe how to configure the
> Windows Server without using ISA.  Has anyone got any tips or
> suggestions for this sort of scenario?
>
> We don't have a copy of ISA and I don't think there are any plans to
> purchase it in the near future, which is why I am planning on building
> this DMZ without it.
>
> thanks in advance
>
> JP
>




[ Post a follow-up to this message ]



    Re: Building a Windows 2003 DMZ Server without ISA  
johnpaul.temple@gmail.com


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
10-24-05 04:03 PM

hi there

thanks for your reply, I have downloaded this and started reading
through it.

JP

Chris Weber [Security MVP] wrote:
> I would refer you to the  Windows Server 2003 Security Guide at
> http://www.microsoft.com/technet/se...br />
h00.mspx
>
> In general, IIS 6 in Win2k3 is pretty nice out of the box - ASP disabled,
> IIS lockdown preconfigured etc.  So as long as you lockdown your perimeter
> firewall to only allow TCP 80 and/or 443 you should be okay, provided you
> dont change too many IIS settings or roll out an insecure web application.
>
> Chris Weber




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 04:50 PM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register