In Windows Server 2003, the IIS 6.0 web server is switched off by default, for security reasons. But if you’ve got to turn it on and use it, you’ve got some hardening to do. The fastest solution: Buy this book and do what it tells you.
Start by hardening Windows Server itself (including oft-neglected steps like protecting log files so crackers can’t hide). Learn how to install IIS with only the services you need; configure MIME types and IP address restrictions; set up SSL and authentication; secure FTP, NNTP, and POP3 or SMTP mail services, WebDAV, FrontPage extensions, and more.
With checklists throughout -- and “reality checks” that reveal some crucial gotchas -- this book will be pretty much indispensable to working IIS 6.0 administrators. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.