IIS 3.x Security


IIS allows the network connection to be C-2 compliant. Security is implemented using Windows NT user accounts. Additionally, IIS creates a user account called IUSR_servername, with a randomly picked password, to be used for all anonymous access. This account is added to the NT directory database and can be modified by using the User Manager or the User Manager for Domains.

The installation of IIS affects the scope of the IUSR_servername account. If installed on a stand-alone server, the account is a local user account and has no domain-wide network access. Installation on a Primary Domain Controller or a Backup Domain Controller gives the IUSR_servername account domain-wide network access.

Also, the "Log on Locally" user right must be set for the following internet access accounts: (This is found in the User Manager

Note: It is very important to make sure that the User Name and Password entered in the IIS services (FTP, HTTP, and Gopher) match the user settings in the User Manager.

The most secure setting for IIS is to allow only anonymous access by unchecking the "Basic (clear text)" and "Windows NT Challenge/Response" boxes in the service properties section of each service.




