Using IIS Securely
Network services, by their very nature, accept incoming network traffic and act upon it. Therefore, any network service presents a potential security risk, and a network service as complex and feature-rich as IIS presents a bigger risk, simply because administrators may not understand the security implications of IIS’ capabilities. In the next several sections, I’ll give you some tips for keeping IIS—and your servers in general—as secure as possible. These tips apply primarily to servers that are accessible to attackers or the general public; the majority of the servers on your network should be shielded by a firewall, preventing the public and potential attackers from accessing the servers in any way.
You may not feel the need to secure intranet web servers as thoroughly as publicly exposed Internet web servers. After all, you trust your users, right? Don’t! Disgruntled or even incompetent employees can cause plenty of damage, and never discount the possibility of your internal network being compromised. Secure all your web servers as thoroughly as possible, no matter how safe they may seem.
IIS is not installed as part of a default Windows Server 2003 installation. That’s because only a small percentage of Windows Server 2003 computers need to run IIS; leaving IIS out by default, you’re assured that the security risk presented by IIS is present only on computers where you’ve explicitly installed the software. When IIS is installed, it is not installed ...