Why not just look at another "normal" server and turn all the services back
on that are not running on your webserver? You can then harden the security
bit by bit until you get to the point of achieving a satisfactory balance
between security and ability to monitor.

FWIW, Microsoft provide a pretty decent document on their website in the
IIS section about what services can and cannot be turned off on a webserver
and what the ramification of each service been turned off will have.

Anthony



                                                                           
             "John Campbell"                                               
             <[EMAIL PROTECTED]                                             
             >                                                          To 
             Sent by:                  <[EMAIL PROTECTED]>               
             [EMAIL PROTECTED]                                          cc 
             stone.nu                                                      
                                                                   Subject 
                                       Re: [SA-list] Server Problem...     
             06/01/2004 11:23          Checking Services?                  
             AM                                                            
                                                                           
                                                                           
             Please respond to                                             
             [EMAIL PROTECTED]                                             
                    nu                                                     
                                                                           
                                                                           




    I have already done that... First thing. But my problem in securing the
server, I goofed and turned off too many services.


 ----- Original Message -----
 From: Madsen, Kevin
 To: '[EMAIL PROTECTED]'
 Sent: Monday, January 05, 2004 2:25 PM
 Subject: RE: [SA-list] Server Problem... Checking Services?



 If the box has been hacked into you do not know what all has been changed.
 I
 would schedule that machine for an immediate format and rebuild. There are

 all sorts of nastys that could have been installed and that box could
 still
 be "owned".


 Thanks,


 Rev. Kevin Madsen
 Senior LAN Administrator / DBA
 The HoneyBaked Ham Company of Georgia
 678.966.3385
 [EMAIL PROTECTED]






 -----Original Message-----
 From: John Campbell [mailto:[EMAIL PROTECTED]
 Sent: Monday, January 05, 2004 2:20 PM
 To: [EMAIL PROTECTED]
 Subject: Re: [SA-list] Server Problem... Checking Services?





 Which services are required to be active to make that work? It was working

 until the server got hacked into... really pisses me off that people seek
 to
 destory for others have built.





 John











 The information contained in this email message and any attachment is for
 intended recipients only.  It may contain confidential, privileged or
 copyright material.  If you receive this email in error please delete it
 and any attachments and notify the sender immediately by reply email.  Any
 use, reading, copying, distributing or disclosure of the information in
 this email is strictly prohibited if you are not the intended recipient.





 Any views expressed in this email are not necessarily those of TNT.  TNT
 does not warrant that this email is free from viruses or other defects.
 TNT is not liable for loss, damage or other consequences that may arise
 from opening or using this email or any attachments.





 âTNTâ means TNT Australia Pty Limited, its related companies and
 subsidiaries and includes  McPhee Transport Pty Ltd, Riteway Transport Pty
 Limited, TNT Materials Handling Pty Ltd and TNT Logistics (Australia) Pty
 
Limited.èº{.nÇ+‰·Ÿ®‰š–+-±éÝjf¢–g¬±¨¶‰b²Ü(¡Û-¢w§¹h­†Ø^~‰e£§‚)í…æèw*¶¦zˁëæìr¸›y 
%Š÷

Reply via email to