Just installed IIS in XP Pro

rastagard · 03-20-2003, 05:06 PM

Yesterday I installed IIS and was wondering some things about it.

I am only using it to host pics for posting on forums and I want to know if I am opening myself up to security problems. I installed the M$ Internet Information Services Security Roll-up Package and am running Norton Firewall. I hate to subscribe to the old "I don't have anything a hacker would want" theory even if there is some truth to it.

It was a quick, easy thing to install, but I have gotten some flack from people from another forum which I trust, mainly because they are anti-M$. (I'm no lover of Bill myself)

Another thing I am wondering is whether I will ever have to worry about posting enough pics to impact my bandwidth. I am on Cable and my upload has just been increased to 258 Kbs(I am not sure of the correct capitalization, hopefully you can figure it out) and my download is 1.5 MBs.

**NUTNDUN** · 03-20-2003, 08:22 PM

Well it is MS, how secure can it be LOL. Actually just running the Norton will help keep MS from too much security risk. As for bandwidth, you should be fine. I wouldn't go posting 80Kb pics all over the place though.

rastagard · 03-20-2003, 08:38 PM

Thanks, I was hoping to hear that.

As for the pics, its kinda hard to keep from getting carried away. I like eyecandy. I'm a very visual person. Fortunately gifs are fairly small files.

SaSp · 03-28-2003, 03:40 AM

IIS is a lot safer than MS hates will lead you to believe as long as you keep the updates a flowin'.

As far as affecting your bandwidth by posting pictures from your site, you can always do quick estimate by takeing the size of the pictures you have posted x the number of views of the thread. Unless you are getting ungodly numbers of views very rapidly, I don't think you'll ever have a problem since you have a decent upstream.

*just the notes of a newbie, though I do admin 3 IIS webservers.

Dr. Avery · 03-28-2003, 01:52 PM

I don't know about using IIS - I tried it and my firewall said I was being attacked relentlessly on port 80 *snicker*.

RipperRoo · 03-28-2003, 03:56 PM

posted this on the p2p forum , but for those that missed it

From WinXP News :

Quote:

Installing Internet Information Services Can Cause Problems in Windows XP
Does your computer name have the word "system" in it? For example, "mysystem" or "homesystem"? If so, make sure to rename your computer before installing the FTP service or IIS on your Windows XP computer. For the reasons and a fix check out:

http://www.winxpnews.com/rd/rd.cfm?i...O-Naming_Rules

Cirga · 03-28-2003, 04:01 PM

Quote:

Originally posted by SaSp
IIS is a lot safer than MS hates will lead you to believe as long as you keep the updates a flowin'.

As far as affecting your bandwidth by posting pictures from your site, you can always do quick estimate by takeing the size of the pictures you have posted x the number of views of the thread. Unless you are getting ungodly numbers of views very rapidly, I don't think you'll ever have a problem since you have a decent upstream.

*just the notes of a newbie, though I do admin 3 IIS webservers.

I have to agree with SaSp here. Updating IIS is critical. Most of the security holes that are found on IIS are because the majority of hackers out there are banging away at this web server software more frequently than any others. (Its more widely used). Sure every software package has security holes.. but dont let anyone tell you IIS "sucks". Everything has a bad side.. its up to you to make sure you keep it secure by watching all the updates and getting them.

Security is only as good as the person watching.

rastagard · 03-28-2003, 06:08 PM

The first thing I did after installing this was go to Windows update and it sure did have an update "package" for IIS. I installed it and the IIS lockdown software and I am now fully stealthed according to Shields Up!

I am quite pleased with the ease of using this program so far and I might add that the person who turned me on to this little bit of M$ heaven was none other than the illustrious Dr. Avery.........

Oh and if no one has done so yet (and even if they have ) I would like to welcome you to PC TechTalk, SaSp.

Dr. Avery · 03-29-2003, 09:52 AM

Woo Hoo!

Mad props from the mad Rasta!

my2cents · 04-12-2003, 06:41 PM

IIS will do the job - no problem. Just remove dangerous script mappings

Web-based password reset .htr
Internet Database Connector .idc
Server-Side Includes .stm .shtml .shtm
Internet Printing .printer
Index Server .ida .idq .hta

and

use URLscan from Microsoft at http://www.microsoft.com/windows2000...an/default.asp

SaSp · 04-13-2003, 01:22 PM

Thanks for the welcome. I'm sure you'll have no trouble with IIS. Just keep the updates a flowin'

03-20-2003, 05:06 PM	#1 (permalink)
rastagard Humble Idiot Join Date: Jan 2003 Location: Florida Posts: 2,271	Just installed IIS in XP Pro Yesterday I installed IIS and was wondering some things about it. I am only using it to host pics for posting on forums and I want to know if I am opening myself up to security problems. I installed the M$ Internet Information Services Security Roll-up Package and am running Norton Firewall. I hate to subscribe to the old "I don't have anything a hacker would want" theory even if there is some truth to it. It was a quick, easy thing to install, but I have gotten some flack from people from another forum which I trust, mainly because they are anti-M$. (I'm no lover of Bill myself) Another thing I am wondering is whether I will ever have to worry about posting enough pics to impact my bandwidth. I am on Cable and my upload has just been increased to 258 Kbs(I am not sure of the correct capitalization, hopefully you can figure it out) and my download is 1.5 MBs.

03-20-2003, 08:22 PM	#2 (permalink)
NUTNDUN Registered Join Date: Oct 2001 Location: PA Posts: 1,465	Well it is MS, how secure can it be LOL. Actually just running the Norton will help keep MS from too much security risk. As for bandwidth, you should be fine. I wouldn't go posting 80Kb pics all over the place though. __________________ GTtalk

03-28-2003, 03:40 AM	#4 (permalink)
SaSp Registered User Join Date: Mar 2003 Location: Memphis, TN Posts: 21	IIS is a lot safer than MS hates will lead you to believe as long as you keep the updates a flowin'. As far as affecting your bandwidth by posting pictures from your site, you can always do quick estimate by takeing the size of the pictures you have posted x the number of views of the thread. Unless you are getting ungodly numbers of views very rapidly, I don't think you'll ever have a problem since you have a decent upstream. *just the notes of a newbie, though I do admin 3 IIS webservers. __________________ "There are 10 types of people in this world. Those who know binary, and those who don't."

03-28-2003, 01:52 PM	#5 (permalink)
Dr. Avery Tech Weasel Join Date: Mar 2003 Location: The Fortress of Awesometude Posts: 1,145	I don't know about using IIS - I tried it and my firewall said I was being attacked relentlessly on port 80 snicker. __________________ 01010001 01110101 01100001 01100011 01101011: Fowl Syntax.

04-13-2003, 01:22 PM	#11 (permalink)
SaSp Registered User Join Date: Mar 2003 Location: Memphis, TN Posts: 21	Thanks for the welcome. I'm sure you'll have no trouble with IIS. Just keep the updates a flowin' __________________ "There are 10 types of people in this world. Those who know binary, and those who don't."

03-20-2003, 08:38 PM	#3 (permalink)
rastagard Humble Idiot Join Date: Jan 2003 Location: Florida Posts: 2,271	Thanks, I was hoping to hear that. As for the pics, its kinda hard to keep from getting carried away. I like eyecandy. I'm a very visual person. Fortunately gifs are fairly small files.

03-28-2003, 06:08 PM	#8 (permalink)
rastagard Humble Idiot Join Date: Jan 2003 Location: Florida Posts: 2,271	The first thing I did after installing this was go to Windows update and it sure did have an update "package" for IIS. I installed it and the IIS lockdown software and I am now fully stealthed according to Shields Up! I am quite pleased with the ease of using this program so far and I might add that the person who turned me on to this little bit of M$ heaven was none other than the illustrious Dr. Avery......... Oh and if no one has done so yet (and even if they have ) I would like to welcome you to PC TechTalk, SaSp.

03-29-2003, 09:52 AM	#9 (permalink)
Dr. Avery Tech Weasel Join Date: Mar 2003 Location: The Fortress of Awesometude Posts: 1,145	Woo Hoo! Mad props from the mad Rasta!

04-12-2003, 06:41 PM	#10 (permalink)
my2cents Registered User Join Date: Apr 2003 Posts: 3	IIS will do the job - no problem. Just remove dangerous script mappings Web-based password reset .htr Internet Database Connector .idc Server-Side Includes .stm .shtml .shtm Internet Printing .printer Index Server .ida .idq .hta and use URLscan from Microsoft at http://www.microsoft.com/windows2000...an/default.asp

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode