Re: WebDAV

["Hunter, Laura E." <hunter () SFS UPENN EDU>]

Managing WebDAV security:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/I
IS/4beddb35-0cba-424c-8b9b-a5832ad8e208.mspx

More to the point, while a particular app (WebDAV or otherwise) can
conceivably be -less- secure than the box it's installed on, it will
never ever ever be -more- secure. So it's also critical to secure the
underlying OS, the overall IIS installation, and to take measures to
physically restrict access to the box and/or put it on a protected
network subnet.

******************************************
Laura E. Hunter
Microsoft MVP: Windows Server - Networking
TSS Support-on-Site
Student Financial Services
University of Pennsylvania

> -----Original Message-----
> From: Flagg, Martin D. [mailto:FlaggMD () HIRAM EDU] 
> Sent: Wednesday, May 11, 2005 10:47 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] WebDAV
>
> We have an Windows Administrator here that wants to use 
> webDAV using IIS
> to open up all file access to the Internet.  The interface is 
> very nice
> but I am concerned about security.  I looking for solid technical pros
> and cons of this idea.  The Front-end is a Windows 2003 running IIS
> connecting to Windows 2000 files servers.  I know doing this with Unix
> would be better but I have no control of that, if it is done 
> it will be
> Windows.  Also, any suggestions for securing it better would be
> appreciated.
>
> Thanks
> Marty
>
>
> Martin D. Flagg
> Network Engineer/Administrator
> Hiram College
> -
> If you lend someone $20, 
> and never see that person again,
> it was probably worth it.
>
> **********
> Participation and subscription information for this EDUCAUSE 
> Discussion Group discussion list can be found at 
> http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.