Web Server...

First I have to give you a warning. If this is your home computer this is a really bad idea. Letting the world into your home to try and save a few dollars, well its just wrong.

If you decide to jump anyway, you need to know that IIS is a windows component. You go to add or remove components and to windows components. If it isn't there you will have to upgrade your OS.

Good luck!

Quote: First I have to give you a warning. If this is your home computer this is a really bad idea. Letting the world into your home to try and save a few dollars, well its just wrong. If you decide to jump anyway, you need to know that IIS is a windows component. You go to add or remove components and to windows components. If it isn't there you will have to upgrade your OS. Good luck!

Thanx
But can i know how can i prevent such type of activities like hacking etc...

Thanx
>> ALI <<

Quote: Thanx But can i know how can i prevent such type of activities like hacking etc... Thanx >> ALI <<

First, you need a really good firewall. Then you need to learn everything you can about locking down IIS. It really isn't something to take lightly, your computer can be messed up very easily if it is not configured properly. Additionally you need to be aware of your ISP's policies regarding home servers. You may not be allowed to have them and then they can shut down your internet service.

Quote: First, you need a really good firewall. Then you need to learn everything you can about locking down IIS. It really isn't something to take lightly, your computer can be messed up very easily if it is not configured properly. Additionally you need to be aware of your ISP's policies regarding home servers. You may not be allowed to have them and then they can shut down your internet service.

And lock down the OS that it's on as well.

I'd also recommend centralized log monitoring so that you are not dependent on the logs on a single system (which can be modified and erased after a device is compromised. But if they're kept somewhere else it makes that more difficult)

Quote: And lock down the OS that it's on as well. I'd also recommend centralized log monitoring so that you are not dependent on the logs on a single system (which can be modified and erased after a device is compromised. But if they're kept somewhere else it makes that more difficult)

Well that would be *de*-centralized log monitoring if you are not going to be dependent on one system.

A good way to do that is to have your server pass its logs to a write-only network share or email it's logs to you every minute or so.

Quote: Well that would be *de*-centralized log monitoring if you are not going to be dependent on one system. A good way to do that is to have your server pass its logs to a write-only network share or email it's logs to you every minute or so.

Dang, I may have my terms mixed up.

My company, for example, has a real-time agent that sits on all our builds and forwards the logs to a SIM/SEM that then not only processes and retains, so that we can run specific reports later, but also has a correlation engine so that if there is something the 'human element' misses, it still triggers an elevated event for investigation.

im guessing that you dont have a windows server os and can't afford to buy a copy of the cd. windows xp home edition does not support iis , and xp pro will impose restrictions on connection count and restrict you to iis 5.0.

By contrast you can go to apache.org and get apache and install it.

Quote: Dang, I may have my terms mixed up. My company, for example, has a real-time agent that sits on all our builds and forwards the logs to a SIM/SEM that then not only processes and retains, so that we can run specific reports later, but also has a correlation engine so that if there is something the 'human element' misses, it still triggers an elevated event for investigation.

So what you have is a bunch of logs being sent off to one location? I suppose it depends on which direction you are looking at it from. Centralized since there is only one computer collecting the logs but de-centralized since all the computers are sending their logs off to somewhere.

The point is...if your web server gets compromised you want to make sure that your logs are safe so you can see what happened and then fix the problem. The terminology isn't really important. Also, if you are having your server send off its logs to somewhere else, you'd better be sure that the "somewhere else" is protected as well.

A good person to ask about this is iamclint, he runs a professional website for his company, knows tons about IIS.

We don't send any logs off anywhere out of our local network. However you do want to keep everything locked down as tight as you can without affecting your end users. We use a cisco pix hardware firewall and a few routers for hardware security. In IIS you will want to disable things like Directory Listing,

---- Home Directory
If local path have settings something like
Read Only
Log Visits
Index this resource
---- Options to stay away from ----
Write Access
Directory Browsing
Script Source Access

---- Directory Security ----
for authentication and access control we use integrated windows account and have that account locked down.

---- Documents ----
This is the tab where you can tell your server which file to autoload when a user hits your IP on that port.


---- Website ----
If this is not a public website you can change the port from 80 to another. You probably want enabled Keep-Alives and Logging.


---- Performance ----
This is where you can set your amount of connections allowed at 1 time, Depending on your os version.