Re: is IIS 5.0 safe?
From: David Neff (neffda77_at_hotmail.com)
Date: 04/02/04
- Next message: Kristofer Gafvert: "Re: java support"
- Previous message: john: "java support"
- In reply to: David Wang [Msft]: "Re: is IIS 5.0 safe?"
- Next in thread: David Wang [Msft]: "Re: is IIS 5.0 safe?"
- Reply: David Wang [Msft]: "Re: is IIS 5.0 safe?"
- Reply: Jeff Cochran: "Re: is IIS 5.0 safe?"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 2 Apr 2004 00:13:35 -0500
If I stop the website using the IIS snap in when I'm not testing whatever
I've developed, does that eliminate any risk?
PS- Thanks for all of your other advice. I really appreciate it.
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:erFl8D8FEHA.3880@TK2MSFTNGP10.phx.gbl...
> Several options.
>
> IIS 5.1 comes with XP Pro and only supports one website and 10
connections.
> 1. It is possible to set up IP Restriction on the website such that it
will
> only process localhost/127.0.0.1 requests (I don't remember if this
feature
> is enabled in the UI or not).
> 2. You can also setup the Microsoft Loopback Adapter and configure the
> website to only listen on that network interface, so it then becomes
> impossible for IIS to even respond to non local requests while your own PC
> is perfectly able to access IIS.
> 3. Run the software firewall and make sure that port 80 is not open.
>
> Finally, realize that when you run server software, you become responsible
> for configuring/securing it. Security is best achieved through knowledge
> and configuration.
>
> --
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "David Neff" <neffda77@hotmail.com> wrote in message
> news:%23pe%23Kj6FEHA.2404@TK2MSFTNGP11.phx.gbl...
> At work I use IIS to develop .Net applications and wanted to install it on
> my home Windows XP Pro machine to do some work from home. I'm concerned
> that I'm potentially opening up my home pc to who know what kinds of
> attacks. I have a software firewall, but I don't trust that it is enough.
> Is there a way to configure IIS to make it only work on the machine its
> installed on in a localhost type mode or something. I basically want to
cut
> it off from the outside world.
>
> Thanks!
>
>
>
- Next message: Kristofer Gafvert: "Re: java support"
- Previous message: john: "java support"
- In reply to: David Wang [Msft]: "Re: is IIS 5.0 safe?"
- Next in thread: David Wang [Msft]: "Re: is IIS 5.0 safe?"
- Reply: David Wang [Msft]: "Re: is IIS 5.0 safe?"
- Reply: Jeff Cochran: "Re: is IIS 5.0 safe?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
