[H-GEN] To IIS or Not to IIS?
Opec Kemp
okemp at ozemail.com.au
Tue Feb 22 17:49:20 EST 2000
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Please observe the list's charter. ]
Hi, Peter
> Where I work, management in their wisdom are looking at IIS as an
> intranet
> server (which would probably expand to internet later). While
> this is probably a
> reasonable option in a mostly (99%) NT shop, I jus dona wanna go
> mickysoft any
> more.
>
> It's a mute point for an intranet but security on an internet is a
> consideration. Does anyone have any credable references on
> security holes in
> IIS?
There are various bugs for IIS. To list them all is not practical :):). I'd
check Microsoft site:
http://www.microsoft.com/ntserver/web/default.asp
Security Advisory:
http://microsoft.com/security/products/iis/CheckList.asp
>From this URL you can download thier IIS "how-to" patch the common security
holes. I'd also subscribed to thier security
mailing list etc.
But, whatever you do install IIS 4 at least. Don't know anything about IIS
5/Win2k but they're new so I wounldn't touch it
untill after service packs 3 is out :)
>From my experience IIS has been *very* kind to me :):) buuut I sure hope I
didn't jinxed it now :)
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.
More information about the General
mailing list