Home > Articles

Securing Information Internet Server

  • Print
  • + Share This
Windows .NET Server comes with an updated version of Information Internet Server (IIS), the single most hacked software application on the Internet. Read here how to configure IIS for security.
This chapter is from the book

This chapter covers:

  • Overview of Internet Information Server

  • Installing Internet Information Server

  • Using the Microsoft Management Console

  • Securing IIS WWW Server

  • Securing IIS FTP Server

  • Securing SMTP and NNTP services

  • Explanation of known vulnerabilities


Although not part of the core security services in Windows .NET Server, because of popular demand for this information we have included a chapter on securing Microsoft's Internet Information Server (IIS). IIS is the single most hacked software application ever. Because of its high visibility, an enterprise Web site is a choice target for hackers with a political or egotistical agenda.


Do not ever install IIS on a machine that is also a domain controller; this can result in severe system compromise by hackers.

In Windows .NET, IIS has evolved into a robust Web server with a host of useful, built-in features. IIS can handle millions of Web site hits per day while at the same time serving dynamic and interactive media to your site visitors. Through its enhanced security and support of scripting languages such as ASP and PHP, IIS is growing in popularity.

Although the most popular Web server software is still Apache, Microsoft's IIS is rapidly growing in popularity and taking market share away from Apache. IIS not only provides worldwide Web services, but it also handles file transfer requests (FTP Server), mail requests (SMTP Server), and newsgroup requests (NNTP Server). In addition, because IIS is a Microsoft Corporation product, it comes with many extras such as data links, Visual Interdev support for large multidepartment programming projects, FrontPage support for live Web authoring, index services for quicker online searches, and much more. With Microsoft's big push for XML, .NET, and the global use of Passport authentication systems, IIS is destined for greatness.


Apache is a very secure, open-source UNIX alternative that also runs flawlessly on Windows platforms. If you would like to try an alternative to IIS, you can get the Apache server for free at http://www.apache.org.

  • + Share This
  • 🔖 Save To Your Account