Microsoft® Windows® Security Resource Kit, Second Edition

Implementing Additional Security Measures for IIS 5.0

Two tools are available to secure an IIS 5.0 server: the IIS Lockdown tool and the URLScan filter. These tools remove known weaknesses in the IIS configuration and provide filters to prevent known attacks against the IIS server.

IIS Lockdown Tool

By default, Windows 2000 includes the installation of IIS. The IIS Lockdown tool enables you to secure IIS configuration without removing and reinstalling the service. The IIS Lockdown tool can be run by an administrator or can be scripted to allow the unattended application of IIS Lockdown settings to an IIS server. The installation of the tool is broken down into security configuration sections:

Selecting a server template
Configuring Internet ...

Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft® Windows® Security Resource Kit, Second Edition by Ben Smith, Brian Komar, The Microsoft Security Team

Implementing Additional Security Measures for IIS 5.0

IIS Lockdown Tool

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly