Iis Security

Jacket Description/Back: Protect your entire IIS Web environment from both "insider and outsider" security threatsSafeguard your Web site and all its services with help from this detailed guide. After studying common Web site vulnerabilities--for both Internet and intranets--you'll find out how to plan and implement an effective and complete security framework that will prevent Denial of Service attacks, hacker intrusions, and malicious code breaches including Trojans, viruses, and worms. Learn to properly configure IIS security features and discover the ins and outs of auditing. This definitive guide will help you proactively manage your IIS Web environment to minimize future security risks. Focused, practical, and authoritative, this book shows you everything you need to secure IIS servers using real-life security challenges with proven solutions, security alerts, implementation techniques, and security check lists. Resolve physical, environmental, network, and security policy issues and manage responsibilities of multi-level administrationIdentify security vulnerabilities and learn the methods and tools that hackers use so you can better defend against themHarden your server by removing unnecessary services, modifying default accounts, setting safe policies, and configuring secure access controlSet rules for authentication, IP filtering, network address translation, and domain restrictionsUse VPNs, SSL encryption, and public key cryptography (PKI) effectivelyMonitor Web site activity through system logs and auditing policies to guard against potential attacksEnsure safe use of scripts and Active Server PagesSecure all IIS services including FTP, SMTP, and NNTPExplore how the "privacy factor" affectsyour IIS security practicesMarc Notes: Design, implementation, administration--Cover.; Contains Glossary (p. 413-429).; Includes index. Publisher Marketing: This work provides coverage of Web security threats and vulnerabilities on the Internet and on intranets. It gives advice on how to detect and respond to security breaches. It also covers the basic security tools that come with IIS and are managed with the IIS Administration console, shows the weaknesses of these tools, and provides more sophisticated tools that can be utilized to protect the IIS server. Included are implementation techniques on multiple security methods, such as authentication, encryption, authorization, filtering and restrictions to protect against hacking and loss.

Contributor Bio:  Jost, Marty Marty Jost is an experienced security professional and consultant who has worked with Secure Computing, RSA Security, Intuit, Sun, and Novell. He is currently a consultant specializing in Windows NT/2000, IIS, firewalls, and authentication. In the past several years he has worked with all types of businesses who have moved a majority of their applications to web-based platforms. Marty has recently written several security articles for Secure Computing magazine. Contributor Bio:  Cobb, Michael Michael Cobb is Assistant Professor of English at the University of Toronto.