Why not just look at another "normal" server and turn all the services back
on that are not running on your webserver? You can then harden the security
bit by bit until you get to the point of achieving a satisfactory balance
between security and ability to monitor.
FWIW, Microsoft provide a pretty decent document on their website in the
IIS section about what services can and cannot be turned off on a webserver
and what the ramification of each service been turned off will have.
Anthony
"John Campbell"
<[EMAIL PROTECTED]
> To
Sent by: <[EMAIL PROTECTED]>
[EMAIL PROTECTED] cc
stone.nu
Subject
Re: [SA-list] Server Problem...
06/01/2004 11:23 Checking Services?
AM
Please respond to
[EMAIL PROTECTED]
nu
I have already done that... First thing. But my problem in securing the
server, I goofed and turned off too many services.
----- Original Message -----
From: Madsen, Kevin
To: '[EMAIL PROTECTED]'
Sent: Monday, January 05, 2004 2:25 PM
Subject: RE: [SA-list] Server Problem... Checking Services?
If the box has been hacked into you do not know what all has been changed.
I
would schedule that machine for an immediate format and rebuild. There are
all sorts of nastys that could have been installed and that box could
still
be "owned".
Thanks,
Rev. Kevin Madsen
Senior LAN Administrator / DBA
The HoneyBaked Ham Company of Georgia
678.966.3385
[EMAIL PROTECTED]
-----Original Message-----
From: John Campbell [mailto:[EMAIL PROTECTED]
Sent: Monday, January 05, 2004 2:20 PM
To: [EMAIL PROTECTED]
Subject: Re: [SA-list] Server Problem... Checking Services?
Which services are required to be active to make that work? It was working
until the server got hacked into... really pisses me off that people seek
to
destory for others have built.
John
The information contained in this email message and any attachment is for
intended recipients only. It may contain confidential, privileged or
copyright material. If you receive this email in error please delete it
and any attachments and notify the sender immediately by reply email. Any
use, reading, copying, distributing or disclosure of the information in
this email is strictly prohibited if you are not the intended recipient.
Any views expressed in this email are not necessarily those of TNT. TNT
does not warrant that this email is free from viruses or other defects.
TNT is not liable for loss, damage or other consequences that may arise
from opening or using this email or any attachments.
âTNTâ means TNT Australia Pty Limited, its related companies and
subsidiaries and includes McPhee Transport Pty Ltd, Riteway Transport Pty
Limited, TNT Materials Handling Pty Ltd and TNT Logistics (Australia) Pty
Limited.èº{.nÇ+·®+-±éÝjf¢g¬±¨¶b²Ü(¡Û-¢w§¹hØ^~e£§)í
æèw*¶¦zËëæìr¸y
%÷