O'Reilly logo

Web Security, Privacy & Commerce, 2nd Edition by Gene Spafford, Simson Garfinkel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Controlling Access with Microsoft IIS

Microsoft’s Internet Information Services (IIS) is a web service that is shipped as part of the Windows NT 4, 2000, and XP operating systems. It is a full-featured web server that does just about anything that you could possibly want (other than run on Unix, that is).

Installing IIS

To install IIS, follow these steps:

  1. Open the “Add/Remove Programs” control panel.

  2. Select “Add/Remove Windows Components.”

  3. Check “Internet Information Services.”

  4. Click “Next.”

IIS installs the following directories on your system:

\Inetpub

Root directory for your web server

\Inetpub\wwwroot

Root document directory for the web server

\systemroot\Help\iisHelp

Help files

\systemroot\system32\inetsrv

Program files

The directories containing user content will remain on your system after you completely uninstall IIS.

Warning

As soon as you install IIS, be sure that you go to the Microsoft Windows Update web site and download all relevant patches for IIS before you start the server. If possible, download the patches from behind a firewall. If you fail to install the IIS patches, your Windows server will almost certainly be broken into and compromised. This is true even if you are behind a corporate firewall or are otherwise “protected.”

Downloading and Installing the IIS Patches

To install the patches, follow these steps:

  1. Log into your Windows system using an account that has Administrator access.

  2. Using Microsoft’s Internet Explorer, open the URL http://windowsupdate.microsoft.com/. On most ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required