IIS Security (Paperback)

Marty Jost, Michael Cobb

  • 出版商: McGraw-Hill Education
  • 出版日期: 2002-07-29
  • 定價: $1,980
  • 售價: 5.0$990
  • 語言: 英文
  • 頁數: 468
  • 裝訂: Paperback
  • ISBN: 0072224398
  • ISBN-13: 9780072224399
  • 相關分類: 資訊安全
  • 立即出貨(限量) (庫存=3)



Protect your entire IIS Web environment from both insider and outsider security threats

Safeguard your Web site and all its services with help from this detailed guide. After studying common Web site vulnerabilities--for both Internet and intranets--youll find out how to plan and implement an effective and complete security framework that will prevent Denial of Service attacks, hacker intrusions, and malicious code breaches including Trojans, viruses, and worms. Learn to properly configure IIS security features and discover the ins and outs of auditing. This definitive guide will help you proactively manage your IIS Web environment to minimize future security risks. Focused, practical, and authoritative, this book shows you everything you need to secure IIS servers using real-life security challenges with proven solutions, security alerts, implementation techniques, and security check lists.

  • Resolve physical, environmental, network, and security policy issues and manage responsibilities of multi-level administration
  • Identify security vulnerabilities and learn the methods and tools that hackers use so you can better defend against them
  • Harden your server by removing unnecessary services, modifying default accounts, setting safe policies, and configuring secure access control
  • Set rules for authentication, IP filtering, network address translation, and domain restrictions
  • Use VPNs, SSL encryption, and public key cryptography (PKI) effectively
  • Monitor Web site activity through system logs and auditing policies to guard against potential attacks
  • Ensure safe use of scripts and Active Server Pages
  • Secure all IIS services including FTP, SMTP, and NNTP
  • Explore how the privacy factor affects your IIS security practices


   Part I: Exposure, Risk, and Prevention
    1: Web Security Threats
    2: Defacing, Damage, and Denial
    3: Preparing and Hardening Your Web Server
    4: Accounts, Authorization, and Security Policy
    5: Security Auditing and Logging

   Part II: Administration
    6: Deployment Issues
    7: The Security Management Lifecycle
    8: Using Encryption
    9: Third-Party Security Enhancements

   Part III: Advanced Topics
    10: Securing FTP, NNTP, and Other IIS Services
    11: Active Content Security
    12: Web Privacy

   Part IV: Appendixes
    A: Security Resources
    B: Glossary
    C: Reference Tables
    D: Microsoft IIS Authentication Methods


保護您的整個IIS Web環境免受內部和外部的安全威脅。

藉助這本詳細指南,保護您的網站及其所有服務。在研究常見的網站漏洞(包括互聯網和內部網)之後,您將了解如何計劃和實施一個有效且完整的安全框架,以防止拒絕服務攻擊、黑客入侵和惡意代碼入侵,包括特洛伊木馬、病毒和蠕蟲。學習正確配置IIS安全功能,並了解審計的內幕。這本權威指南將幫助您主動管理IIS Web環境,以最大程度地減少未來的安全風險。這本書專注、實用且權威,展示了使用真實安全挑戰、經過驗證的解決方案、安全警報、實施技術和安全檢查清單來保護IIS服務器所需的一切。







確保腳本和Active Server Pages的安全使用。



1. 網站安全威脅
2. 破壞、損壞和拒絕服務
3. 準備和加固您的Web服務器
4. 帳戶、授權和安全策略
5. 安全審計和日誌記錄

6. 部署問題
7. 安全管理生命周期
8. 使用加密
9. 第三方安全增強

10. 保護FTP、NNTP和其他IIS服務
11. 主動內容安全
12. 網絡隱私

A. 安全資源
B. 詞彙表
C. 參考表格
D. Microsoft IIS身份驗證方法