Security Basics mailing list archives

How to secure access to private network files via IIS 6.0?

From: Ron Rollo <rjrollo () auditor state oh us>
Date: 12 Feb 2004 01:46:52 -0000



I am looking for some info on best practices for securing file access to internet users via IIS 6.0.  We have document 
files that are accessible via our private internal Windows servers, but there is a need to have some of them available 
for internet users.

Our web server (Windows 2003 Server IIS6.0) is currently in a DMZ behind a PIX firewall. How can we provide 
authentication and access to files on the private network via our web server without having to host a seperate copy of 
those files in the DMZ? If we open up ports 139 or 445 for the web server in the DMZ to enter the inside, wouldn't we 
be putting our inside environment at a larger risk in the event someone hacks our web server?  What are best practices 
for this type of need?

---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

Current thread:

How to secure access to private network files via IIS 6.0? Ron Rollo (Feb 12)
- <Possible follow-ups>
- How to secure access to private network files via IIS 6.0? Sistemas Aurensis-Sys Sec (Feb 13)
- How to secure access to private network files via IIS 6.0? Sistemas Aurensis-Sys Sec (Feb 13)
- Re: How to secure access to private network files via IIS 6.0? Tomasz Onyszko (Feb 13)