Re: IISlockdown on Win2003,Exch2003 Mailbox ?

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Ben Winzenz [Exchange MVP] (ben_winzenz_at_NOSPAMdotmessageonedotcom)
Date: 01/26/05

• Next message: Fred Yarbrough: "Re: How big should the DB and Logs partitions be?"
• Previous message: T.Mohamed: "Re: Can'f find my mailbox store"
• In reply to: Marlon Brown: "IISlockdown on Win2003,Exch2003 Mailbox ?"
• Next in thread: Josh R. Andrews: "Re: IISlockdown on Win2003,Exch2003 Mailbox ?"
• Reply: Josh R. Andrews: "Re: IISlockdown on Win2003,Exch2003 Mailbox ?"
• Messages sorted by: [ date ] [ thread ]

---

Date: Wed, 26 Jan 2005 09:30:57 -0600

>From the articles I have seen, IIS Lockdown is not supported to run on
Windows 2003 servers - I'm not sure that it will even let you run it. Also,
the current version is 2.1, not 2.5. IIS 6.0 is secured much more so that
IIS 5.0, so running IIS Lockdown should not be needed.

Here is the details from the download on MS site for IIS Lockdown. They
indicate that Server 2003 is not on the list of supported OS's.
System Requirements
  a.. Supported Operating Systems: Windows 2000, Windows NT, Windows XP

  a.. Windows NT 4.0 running IIS 4.0, Windows 2000 running IIS 5.0, or
Windows XP running IIS 5.1
One other option you have is installing URLScan. The current version of
that is 2.5. It will work on IIS 6.0, but again, IIS 6.0 is much more
secure and includes most of the security enhancements that URLScan would
include. See this page for more details.
http://www.microsoft.com/technet/security/tools/urlscan.mspx

-- 
Ben Winzenz
Exchange MVP
"Marlon Brown" <marlon_brownj@hotmail.com> wrote in message 
news:u3nKSe6AFHA.4004@tk2msftngp13.phx.gbl...
> Is it recommended to run iislockdown tool on Exch 2003 mailbox servers ?
> Also, I have iislockdown 2.5 running on my current Exch2000 OWA, and I 
> assume I should continue using it on Exch2003 OWA, right ?
> 

---

• Next message: Fred Yarbrough: "Re: How big should the DB and Logs partitions be?"
• Previous message: T.Mohamed: "Re: Can'f find my mailbox store"
• In reply to: Marlon Brown: "IISlockdown on Win2003,Exch2003 Mailbox ?"
• Next in thread: Josh R. Andrews: "Re: IISlockdown on Win2003,Exch2003 Mailbox ?"
• Reply: Josh R. Andrews: "Re: IISlockdown on Win2003,Exch2003 Mailbox ?"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: been hit by hacker, servudaemon installed ... security patching on iis 4.0 ... security fixes into the new version. ... >install all service packs and patches from Microsoft, ... >>>Windows, Apache, you name it. ... (microsoft.public.inetserver.iis.security) Re: been hit by hacker, servudaemon installed ... security patching on iis 4.0 ... security fixes into the new version. ... :>install all service packs and patches from Microsoft, ... :>>>Windows, Apache, you name it. ... (microsoft.public.inetserver.iis.security) Re: Mac Server Hacked In Less Than 6 Hours ... Windows has RAS, and for it is built in since NT 3.1 ... | A typical IIS box and this Mac are not the same thing so the comparison ... IIS has been subject to quite a few bugs and so have ... Security isn't a proprietary attribute. ... (sci.crypt) Re: File sharing, major security issue ... > windows file sharing for hours with no luck. ... > seem to be set by IIS though, ... don't have a firewall, you need one. ... your logs to know which ISP to complain to. ... (microsoft.public.inetserver.iis.security) Re: IIS Vs Apache on Windows 2003 ... is better IIS or apache in Windows 2003 Server ... able to take advantage of insider knowledge, IIS would be faster. ... all these servers were either devel servers or low-traffic ones. ... (comp.lang.php)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Exchange  > microsoft.public.exchange.admin  > 2005-01