Microsoft .NET Server Solutions for the Enterprise

Security Checklist

Before you connect your LBS delivery system to the public Internet, you should take the following steps to ensure the safety of your network.

• Apply the latest service pack to Windows 2000.
• Apply all known critical updates from http://www.microsoft.com/windowsupdate.
• Apply all known hotfixes from http://www.microsoft.com/security.
• Apply the IIS lockdown tools.
• Make sure you have not published the entire web site or the IP address on the ISA server. Instead, always use a destination to publish the site.
• Enable packet filtering on the ISA server with intrusion detection. Enabling this detection will ensure that no one will make an unsolicited TCP connection to your ISA server.
• Change the names of your administrators.
• Remove any sample and administration sites.
• In the IIS/Application mappings, remove everything but .wsdl.
• In /Network Connections/Advanced settings, disable the bindings for "file and printer sharing for Microsoft Networks" and "Client for Microsoft Networks" in the NIC connected to the public network.