A couple of quick suggestions (in case you haven't already, since you didn't mention what precautions you have taken so far) Make sure your at the latest service pack, and up to date with hotfixes(windows update usually works for this). Run something like hfnetchk(now a part of some new security tool they have) against the machine, read the noted security bulletins and apply the neccesary patches. MS also has the IIS lockdown tool which could help.
As you suggested a program to look at available ports is handy, I happen to use nmap for a quick and dirty look to see what is open. Unless you absolutely have to I would put the machine behind some sort of firewall, or if you can't disable all un-neccesary services and run some sort of software firewall package. I don't know if you can 'secure completely' a machine that is connected to the internet however with a few precautions your much better off. To better your odds you have to stay up to date with the latest vulerabilities and keep the machine patched. -Jimmy -----Original Message----- From: Harish Gondavale [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 18, 2002 9:25 AM To: [EMAIL PROTECTED] Subject: Tools for IIS security check Hi all, Can somebody give few good free tools' name, which can be used to verify that IIS is secured completely? I know few of them : Nessus, Nikto Thanks for all your help. Bye. Harish __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
