[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[port139:00230] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J=$@5%b%8%e!<%k0lMw(B [2001/05/18 $BHG(B ]

To: port139@xxxxxxxxxxxxx
Subject: [port139:00230] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J=$@5%b%8%e!<%k0lMw(B [2001/05/18 $BHG(B ]
From: Makoto Shiotsuki <shio@xxxxxxxxxxxx>
Date: Mon, 21 May 2001 11:27:40 +0900

(B>Hotfix$B$rEv$F$J$$$G@_Dj$@$1$G%;%-%e%"$J4D6-$K(B
(B>$B6a$E$1$k$3$H$,$G$-$l$P$$$$$s$G$9$1$I$M!#(B
(B
$B$3$l$K$D$$$F$O(BMS$B$N(BDavid LeBlanc$B;a$,(Bwin2ksecadvice
$B%a!<%j%s%0%j%9%H$G!"http://ntsecurity.net/go/win2ks-l.asp?A2=IND0105A&L=WIN2KSECADVICE&P=1006
(B------------------------------------------------------------
(B1) Implement the IIS 5.0 checklist. It's published on the 
(B   Microsoft security web site. Get it, use it.
(B2) Set the ACL on all the command-line tools to disallow 
(B   IUSR_ or IWAM_ from executing them.
(B3) Set the ACL on the web site to disallow IUSR_ or IWAM_ 
(B   from writing to it
(B4) Turned off the execute bit on scripts directories.
(B
(BBTW, the last two were done by using the Permissions Wizard
(B- right click on a web dir in IIS admin tool, choose 
(BTasks->Permissions Wizard.
(B
(B5) Turned off services we didn't need
(B6) Removed extensions we didn't need
(B------------------------------------------------------------
(B
$B$"$H%]%$%s%H$H$J$j$=$&$J$N$O!"(B
(B
(B  - $B%3%s%F%s%D$H%7%9%F%`$H$G%Q!<%F%#%7%g%s$rJ,$1$k(B
(B  - $B@EE*%3%s%F%s%D$HF0E*%3%s%F%s%D$G%U%)%k%@$rJ,$1!"(B
(B    $B2>A[%U%)%k%@$N@_Dj$rE,@Z$K9T$J$&(B
(B
$B$C$F$J$H$3$G$7$g$&$+!#(B
(B
$B1v7n(B

References:
- [port139:00223] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J(B$B=$@5%b%8%e!<%k0lMw(B [2001/05/18 $BHG(B ]
  - From: Shingo Ogawa

Prev by Date: [port139:00229] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J=$@5%b%8%e!<%k0lMw(B [2001/05/18$BHG(B ]
Next by Date: [port139:00231] Re: NT4.0+Sp6a+I IS4.0 $B$GI,MW$J=$@5%b%8%e!<%k0lMw(J [2001/05/18$BHG(J ]
Previous by thread: [port139:00228] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J(B$B=$@5%b%8%e!<%k0lMw(B [2001/05/18 $BHG(B ]
Next by thread: [port139:00224] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J=$@5%b%8%e(B$B!<%k0lMw(B [2001/05/18$BHG(B ]
Index(es):
- Date
- Thread

[port139:00230] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J=$@5%b%8%e!<%k0lMw(B [2001/05/18 $BHG(B ]

[port139:00230] Re: NT4.0+Sp6a+IIS4.0 $B$GI,MW$J=$@5%b%8%e!<%k0lMw(B [2001/05/18 $BHG(B ]