After you lock down your Web server, how do you make sure it stays locked down? Inadvertently misconfiguring or disabling a security feature while administering a server is, unfortunately, easy to do. And installing updates and software can reenable services or features that you've disabled for security reasons. Therefore, recognizing changes to your Web server as soon as possible is important.
To detect changes, you can use System Scanner 1.1, a Microsoft Windows 2000 Server Resource Kit utility. This host-based security scanner performs several vulnerability checks, including baseline comparisons in which Microsoft IIS detects changes to processes, services, shares, files, users, and groups. After you secure your Web server, you can use System Scanner to take a snapshot of the server configurations, then compare new scans against the baseline snapshot to identify changes. Unlike running a security template in analyze mode, System Scanner sees changes to files' contents and attributes. . . .
Why become a VIP member?
 |
VIP-only online access |
 |
VIP CD delivered twice a year: offline access to the entire Windows IT Pro article library |
 |
Monthly issue of your choice of Windows IT Pro or SQL Server Magazine |