> I am looking into my security as I am currently getting a
> little worried about the subject. My NT servers are kept up
> to date with the latest patches and advisories but I am not
> really satisfied with this.
>
> Does anyone have any links to anything more substantial then
> Microsoft's guides to secure IIS & Asp and the stuff on the
> Allaire site?
The problem with those guides (if it can really be called that) is that they
are specific to the products discussed (IIS, CF). You really need to put
those together with more general OS security guides. Here's some stuff I've
found to be very useful:
Trusted Systems has a pretty good NT security whitepaper, as well as an
actual book, "Windows NT Security Guide":
http://www.trustedsystems.com/
O'Reilly just came out with a very good book on using NT servers as bastion
hosts:
http://www.oreilly.com/catalog/securwinserv/
There's a good companion/addendum on IIS security on the SecurityFocus site,
as well as all kinds of other stuff:
http://www.securityfocus.com/focus/microsoft/menu.html?fm=1,1&action=fold
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
