[WEB4LIB] NT Webserver Security?
Richard L. Goerwitz III
richard at goerwitz.com
Tue Oct 30 07:02:16 EST 2001
Michael Dargan wrote:
>
> A couple of years ago someone posted a recipe for creating a secure
> webserver using Windows NT4 and IIS.
This is not meant to start a flame war, but if you are interested
in security, NT + IIS is not going to get you there. Gartner, a
respected industry analyst group, has issued a recommendation that
until Microsoft does a ground-up, publicly tested rewrite of IIS,
alternative servers should be considered:
http://www.gartner.com/DisplayDocument?id=340962
If you're unwilling to consider alternatives, you can also place
IIS behind a reverse proxy. This won't solve all your problems.
But it will allow you to place your NT machine in a more secure
part of your network. And it will allow you to do some kinds of
filtering on the reverse proxy.
--
Richard Goerwitz richard at Goerwitz.COM
tel: 401 438 8978
More information about the Web4lib
mailing list