«

A couple of years ago, I had a mild hack of the default windows web page in
inetpub because I was running IIS whilst my DSL connection was on. Ever
since, I have disconnected the DSL before running IIS.

Could anyone give me advice on running IIS safely as a local testing server
(for asp pages) whilst online?

I have to admit that I run an admin account (win2000) so I know this is one
thing I should change.

TIA

John

On Wed, 20 Apr 2005 09:25:01 +0000 (UTC), "btopenworld"
<> wrote:

>A couple of years ago, I had a mild hack of the default windows web page in
>inetpub because I was running IIS whilst my DSL connection was on. Ever
>since, I have disconnected the DSL before running IIS.
>
>Could anyone give me advice on running IIS safely as a local testing server
>(for asp pages) whilst online?

You could set IIS to answer on only 127.0.0.1 and use a hosts file if
you need name resolution to that. That address won't answer off your
local system. Check the IIS group for a lot more security
possibilities, as well as:

Security Checklists:
http://www.microsoft.com/technet/tre...ty/Default.asp

From Blueprint to Fortress: A Guide to Securing IIS 5.0:
http://www.microsoft.com/technet/pro...g/securiis.asp

Jeff

Do you have a firewall? If not, get one (if you are using a router behind
your DSL modem you probably have one). Set the firewall to block all
incoming requests (you're at risk for more than just tampering through your
web-server).

After that is set up run a full virus scan. Then get a couple of spyware
removal tools and run them as well (I like SpyBot SD). You might also want
to pick up a software firewall product like Norton Personal Firewall. Its a
bit pricey and can be quite intrusive but it will tell you when programs try
to access the internet (helps detect spyware).

--
--Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com


"btopenworld" <> wrote in message
news:d4575d$h72$...
>A couple of years ago, I had a mild hack of the default windows web page in
> inetpub because I was running IIS whilst my DSL connection was on. Ever
> since, I have disconnected the DSL before running IIS.
>
> Could anyone give me advice on running IIS safely as a local testing
> server
> (for asp pages) whilst online?
>
> I have to admit that I run an admin account (win2000) so I know this is
> one
> thing I should change.
>
> TIA
>
> John
>
>
>
>

Thanks Mark

I do run a software firewall (Zonealarm) and following your suggestion I
have now used this to block internet traffic to the server.
( I do use adaware and spybot and have good antivirus)

Thanks again for your suggestions.

John B




"Mark Schupp" <> wrote in message
news:#...
> Do you have a firewall? If not, get one (if you are using a router behind
> your DSL modem you probably have one). Set the firewall to block all
> incoming requests (you're at risk for more than just tampering through
your
> web-server).
>
> After that is set up run a full virus scan. Then get a couple of spyware
> removal tools and run them as well (I like SpyBot SD). You might also want
> to pick up a software firewall product like Norton Personal Firewall. Its
a
> bit pricey and can be quite intrusive but it will tell you when programs
try
> to access the internet (helps detect spyware).
>
> --
> --Mark Schupp
> Head of Development
> Integrity eLearning
> www.ielearning.com
>
>
> "btopenworld" <> wrote in message
> news:d4575d$h72$...
> >A couple of years ago, I had a mild hack of the default windows web page
in
> > inetpub because I was running IIS whilst my DSL connection was on. Ever
> > since, I have disconnected the DSL before running IIS.
> >
> > Could anyone give me advice on running IIS safely as a local testing
> > server
> > (for asp pages) whilst online?
> >
> > I have to admit that I run an admin account (win2000) so I know this is
> > one
> > thing I should change.
> >
> > TIA
> >
> > John
> >
> >
> >
> >
>
>

Thanks Jeff - your suggestion made me look at the options in Zonealarm
(firewall) - from there I can block internet traffic but leave local
traffic working - does that sound like a secure solution.

Thanks again.

John


"Jeff Cochran" <> wrote in message
news:...
> On Wed, 20 Apr 2005 09:25:01 +0000 (UTC), "btopenworld"
> <> wrote:
>
> >A couple of years ago, I had a mild hack of the default windows web page
in
> >inetpub because I was running IIS whilst my DSL connection was on. Ever
> >since, I have disconnected the DSL before running IIS.
> >
> >Could anyone give me advice on running IIS safely as a local testing
server
> >(for asp pages) whilst online?
>
> You could set IIS to answer on only 127.0.0.1 and use a hosts file if
> you need name resolution to that. That address won't answer off your
> local system. Check the IIS group for a lot more security
> possibilities, as well as:
>
> Security Checklists:
>
http://www.microsoft.com/technet/tre...hnet/security/
Default.asp
>
> From Blueprint to Fortress: A Guide to Securing IIS 5.0:
>
http://www.microsoft.com/technet/pro...epovg/securiis
..asp
>
> Jeff

On Wed, 20 Apr 2005 16:12:21 +0000 (UTC), "btopenworld"
<> wrote:

>Thanks Jeff - your suggestion made me look at the options in Zonealarm
>(firewall) - from there I can block internet traffic but leave local
>traffic working - does that sound like a secure solution.

Sure. Whatever works in your setup. Secure your system properly,
lock the IIS to responding only on an inside or localhost IP and block
port 80 inbound in your firewall.

Jeff


>Thanks again.
>
>John
>
>
>"Jeff Cochran" <> wrote in message
>news:...
>> On Wed, 20 Apr 2005 09:25:01 +0000 (UTC), "btopenworld"
>> <> wrote:
>>
>> >A couple of years ago, I had a mild hack of the default windows web page
>in
>> >inetpub because I was running IIS whilst my DSL connection was on. Ever
>> >since, I have disconnected the DSL before running IIS.
>> >
>> >Could anyone give me advice on running IIS safely as a local testing
>server
>> >(for asp pages) whilst online?
>>
>> You could set IIS to answer on only 127.0.0.1 and use a hosts file if
>> you need name resolution to that. That address won't answer off your
>> local system. Check the IIS group for a lot more security
>> possibilities, as well as:
>>
>> Security Checklists:
>>
>http://www.microsoft.com/technet/tre...hnet/security/
>Default.asp
>>
>> From Blueprint to Fortress: A Guide to Securing IIS 5.0:
>>
>http://www.microsoft.com/technet/pro...epovg/securiis
>.asp
>>
>> Jeff
>