Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

IIS, file sharing, and security questions...

May 27, 2005 3:34AM PDT

So, I know a decent amount about computer hardware, but when it comes to software I only know the programs I've used... I've done a bit of ASP and VB.NET coding, and in turn have enabled IIS on XP Pro. I was also thinking of forwarding the port my server was on, in hopes of accessing my web page from the internet. I frequently visit coffee shops and bookstores with my laptop, so I was wondering how tight the security is. Should I be concerned about someone having access to my files, stored passwords, or anything for that matter?? If so, what programs might you suggest. Right now all I use is Norton Anti-Virus 2005, Windows SP2, and Spybot-Search & Destroy, which should take care of most viruses and spyware, but might I need something more?

Discussion is locked

- Collapse -
Just one thing.
May 27, 2005 3:45AM PDT

A total system backup that can't be reached via the internet.

IIS has been compromised far too many times over the years and becomes a liability with a short fuse.

While I have an Apache and OpenSSH on the internet, it's not on a machine that I can't reload if it gets whipped.

Bob

- Collapse -
IIS is going to somehow whipe my system??
May 27, 2005 4:26AM PDT

I have all my important data on an external USB hd, so that's safe (even if plugged in, right?). But why would IIS really whipe out a system? I'm not questioning your knowledge, that just seems very "off" to me.

- Collapse -
No. IIS will not wipe your data.
May 27, 2005 4:41AM PDT

That is what some intruders do. For example http://seclists.org/lists/fulldisclosure/2005/Apr/0412.html is very recent and it is up to IIS admins to see if such exploits are all patched up.

If security is not your bag, why not move to Apache which has a lot less issues for you to deal with.

Best of luck,

Bob

- Collapse -
I'd have to learn how to use it..
May 27, 2005 6:03AM PDT

I'm new to the web hosting world, though I can't imagine it's that hard... and I am very much concerned with security.

- Collapse -
IIS security is not "easy."
May 27, 2005 6:23AM PDT

I showed you a very recent exploit. If your machine's contents are disposable, go right ahead.

Or you could get the latest Apache.

Bob