
| Subject: | Re: Auditing microsoft IIS 5/6.0 |
|---|---|
| Date: | Wed, 29 Aug 2007 09:02:43 +0530 |
Hello Nikolaj,

Following are a few things that need to be checked when auditing Microsoft IIS 5.0/6.0:

1. Use of NTFS file-system.
2. Review IIS and related Directory Permissions - By default Microsoft OS gives Everyone full control.
3. Review access control for the 'IUSR_computername' account.
4. NTFS permissions on network connected drives (if any).
5. Users in Administrator's group. Review important and critical accounts regularly. Delete unused accounts immediately.
6. Review whether the correct set of auditing and logging is enabled or not.
7. Assigning least level of permissions to browse internet.
8. Backing up critical files/folders/registry settings regularly.
9. Review security checks on base OS like Virus/Trojans etc. regularly.
10. Using the most secure form of authentication possible.
11. Check for physical security of the Web server, like logical access, biometric authentication etc.
12. Review password protection of screen saver. Define appropriate lockout time.
13. Check whether all the logs are reviewed regularly, preferably with powerful log analyzers like Microsoft Log Parser (or any other suitable one).

For more information about auditing IIS, kindly refer to:

1. IIS 5.0 Checklist: http://www.google.co.in/url?sa=t&ct=res&cd=1&url=http%3A%2F%2Fskrasavi.ds.uiuc.edu%2FInfo%2FIIS%25205.0%2520checklist.pdf&ei=z-TURrkeorizAtqY0ZMM&usg=AFQjCNF55KdOvcxWaEJ9gB4fhGy2lrmCrQ&sig2=e14zk0XWUErdtzT1WzdLFw
2. IIS Security Checklist: http://www.google.co.in/url?sa=t&ct=res&cd=3&url=http%3A%2F%2Fwww.microsoft.com%2Fwindows%2Fwindows2000%2Fen%2Fserver%2Fiis%2Fhtm%2Fcore%2Fiisckl.htm&ei=z-TURrkeorizAtqY0ZMM&usg=AFQjCNFhUW9s2QxMNW4w5OD4QcdhNf5_AQ&sig2=SSKRAn-rqCasUTCfZQLaWA
3. IIS Security Checklist: http://www.google.co.in/url?sa=t&ct=res&cd=5&url=http%3A%2F%2Fwww.washington.edu%2Fcomputing%2Fsupport%2Fwindows%2FUWdomains%2FIISsecchecklist.html&ei=z-TURrkeorizAtqY0ZMM&usg=AFQjCNFn4znBB2z-6sRYuYqsXTzTl_QUeg&sig2=mreulkLwaKDCdLN5h9mF3g
4. Checklist Securing Web Server: http://www.google.co.in/url?sa=t&ct=res&cd=7&url=http%3A%2F%2Fmsdn2.microsoft.com%2Fen-us%2Flibrary%2Faa302351.aspx&ei=z-TURrkeorizAtqY0ZMM&usg=AFQjCNEypyGH2h70wOuvvv1Ibe5mPbo1rQ&sig2=OJKBmeTS_MUB2chHwFvC7A

----
Nikhil Wagholikar
Information Security Analyst
NII Consulting
Web: http://www.niiconsulting.com

On 8/28/07, Nikolaj <lorddoskias@gmail.com> wrote:
> What do you think should be checked when auditing MS IIS 5/6.0
> installation? Any tips would be helpful.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
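Items 1 to 3 of the checklist in the reply above (NTFS volume, directory permissions, the IUSR_computername account) can be checked with a short script. This is an added example, not part of the original message; it assumes Windows PowerShell on the audited server, the default `C:\Inetpub\wwwroot` web root, and English account names.

```powershell
# Added example: review checklist items 1-3 for one web root.
# Assumed values: the C:\Inetpub\wwwroot default path and English account names.
param([string]$WebRoot = 'C:\Inetpub\wwwroot')

# Item 1: confirm the volume is NTFS; FAT volumes carry no ACLs to audit.
$root = [System.IO.Path]::GetPathRoot((Resolve-Path -LiteralPath $WebRoot).Path)
$format = (New-Object System.IO.DriveInfo $root).DriveFormat
if ($format -ne 'NTFS') {
    Write-Warning "$root is $format, not NTFS: file permissions cannot be enforced."
    return
}

# Rights that let an account change content or permissions, plus the
# GENERIC_ALL / GENERIC_WRITE bits that can appear on inherit-only entries.
$writeBits = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
$writeBits = $writeBits -bor 0x10000000 -bor 0x40000000

# Items 2 and 3: walk the tree and report Allow entries that give Everyone or
# the anonymous IIS account (IUSR_<computername>) any of those rights.
$items = @(Get-Item -LiteralPath $WebRoot) +
         @(Get-ChildItem -LiteralPath $WebRoot -Recurse -Force -ErrorAction SilentlyContinue)
$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    foreach ($ace in $acl.Access) {
        $id = $ace.IdentityReference.Value
        $watched = ($id -eq 'Everyone') -or ($id -like '*\IUSR_*')
        $allows = $ace.AccessControlType -eq 'Allow'
        if ($watched -and $allows -and (([int]$ace.FileSystemRights -band $writeBits) -ne 0)) {
            New-Object PSObject -Property @{
                Path = $item.FullName; Account = $id
                Rights = $ace.FileSystemRights; Inherited = $ace.IsInherited
            }
        }
    }
}
$findings | Sort-Object Path | Format-Table Path, Account, Rights, Inherited -AutoSize
```

An empty table means neither account holds write-class rights anywhere under the web root; rows with `Inherited` set to `False` are explicit grants and are the first ones to review.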