Configuring Additional Security Measures for IIS 6.0
In IIS 6.0, Microsoft increased the default security measures for IIS. IIS is no longer installed by default when you install Windows Server 2003, and the default installation locks down the service to limit the server to hosting static HTML initially. Table 24-2 compares the default installation states for IIS 5.0 and IIS 6.0.
| IIS Component | IIS 5.0 Default Installation | IIS 6.0 Default Installation |
|---|---|---|
| Static file support | Enabled | Enabled |
| Active Server Pages | Enabled | Disabled |
| Server-side includes | Enabled | Disabled |
| Internet Data Connector | Enabled | Disabled |
| WebDAV | Enabled | Disabled |
| Index Server ISAPI | Enabled | Disabled |
| Internet Printing ISAPI | Enabled | Disabled |
| CGI ... |
Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
