- Average Customer Review:
Based on
4
reviews.
- Amazon.com Sales Rank: 836767
|
Product Description Coverage includes: Script Source Access, Information Disclosure, Denial of Service, Buffer Overflows, Directory Traversal, Cross-Site Scripting, Preparing the Operating System, Partitioning Hard Drives, Installing the OS, Preparing the File System, Installing IIS, Installing Hotfixes, Locking Down COM and Database Access, Securing Web Services, Running the IIS Lockdown Wizard, Securing IIS Global Settings, Securing the Default and Administration Web Sites, Disabling Internet Printing, Disabling or Securing the FrontPage Server Extensions, Configuring URLScan, Securing Web Sites, Building a Directory Structure, Setting Master WWW Properties, Securing by Content Type, Authenticating Users, Using Anonymous Authentication, Using Basic Authentication, Using Digest Authentication, Using Integrated Windows Authentication, Using Client Certificate Mapping, Publishing Web Content, Staging and Review, Setting File Attributes, Building File Checksums, Moving Content versus Updating Content, Summary, Solutions Fast Track, Frequently Asked Questions.
Featured Customer Reviews  utterly worthless.,
November 21, 2005
in less than five minutes. This book was written for the kind of
person that has trouble finding the "ON" switch - not a real
network administrator. If you know what you're doing, then dont
waste your money. Know you're covered,
October 03, 2004
Each chapter is focused on a specific section of IIS security. Chapters cover topics as varied as Basic IIS security, Advanced IIS security, monitoring, and general Server 2003 hardening. Each chapter contains the some information on the Microsoft recommended procedure for the particular practice (what the authors call "By the Book"). Additionally, you will find many sections throughout the book labeled "Realty Check", which is designed to highlight how to either do something different from what Microsoft recommends or what some of the problems associated with the recommended procedure might be. Finally, "Notes from the Underground" popup frequently, which help illustrate how hackers might utilize poor security around the illustrated practice in order to gain something.
I found the chapters to be well laid-out, easy to follow, and right to the point. This book helped provide some real insight to various security practices around IIS, and was quite interesting to read as well. This book is a must-have if you are responsible for monitoring or maintaining IIS 6 in your infrastructure.
I am definitely looking forward to reading the next in the series of CYA books! Your A** is Covered is rude,
September 26, 2004
Each chapter is lacking of coherent.
I still feel there are more elegant ways than "Your A** is Covered".
It is better to have scenario to illustrate why this should be used or done.
Excellent book!,
August 11, 2004 Thank you guys for an excellent book! I have been developing applications for IIS for many years and think you have done a great job in explaining how it all works. I also very much like the "reality check" concept. Keep up the good work!
You might also be interested in these items...
|
|