Guidelines For Designing Secure Remote Administration

By Author: unknownmem
Total Articles: 128
Comment this article

There are those who say that all Web servers should be administered only from the 70-291 Exam(http://www.mcsa-70-291.com)
console to avoid possible compromise via remote administration methodologies. However, for large Web sites and organizations with multiple Web servers, administration via the console is impractical (although such organizations might consider it for specific sensitive IIS servers). Instead, remote administration is done via the Internet Infor?mation Services Manger or terminal services. A third option, using the Remote Administration (HTML) tool, is generally avoided because it offers too many possibili?ties for remote compromise. The rationale is that HTML access to the server from the Internet must be possible (unless, of course, it is an intranet-only Web server); therefore, the administration tool might be used in an attack. On the other hand, access via other administrative tools—such as terminal services or the Internet Information Services Manager—can be blocked at the firewall.
Follow these guidelines when designing secure remote administration:
Do not install the Remote ...
... Administration (HTML) tool.
Use the Internet Information Services Manager for both console and remote administration. (This tool is now available for Windows XP.)
Consider using terminal services. You can use the Internet Information Services Manager tool on the remote IIS server over terminal services, and you do not need to add administration tools to 70-291(http://www.mcsa-70-291.com)
. You can use terminal services from Windows 2000 Professional and other Windows operating systems as well. Terminal services sessions are encrypted, and the user using them is authenticated. In addition,unless the IIS computer has the terminal service installed and is configured to allow other users and groups, only Administrators can connect and use the service.
Consider the use of IPSec to secure administrative traffic from the administrative workstation and the IIS server.
Require VPN access to the network in order to administer IIS across the WAN if such administration is authorized.
To design appropriate logging of IIS data, you must understand the capabilities and specifications for logging that can be set. IIS logging should be established to log Web site access. This data serves as a record of Web site access and can be reviewed to determine the nature of attempted attacks, trace a user's activity on the site, and provide forensic evidence that might be used to locate the source of an attack or in legal prosecution. Daily, weekly, or monthly log files can be specified. A separate log can be recorded for each application and Web site on the server, unless the central binary log file format is used. In addition to five log file formats, custom log file modules can be created free Microsoft IT certification test questions(http://www.examshots.com/vendor/Microsoft-1.html)
. Table 13-2 summarizes the properties of the different log file formats.