I can understand when theres SQL authentication involved and how one may
pass the SQL Server credentials that way ..
But cant figure out how would IIS connect using Windows Authentication ?
What Windows login would these web servers need ? Do i create that same
login on all Web Servers and also on SQL .. What this anonymous login ? We
want to tighten the controls using Windows Authentication and dont know how
to do so with Web Servers..
Authentication and Security White Paper for Internet Developers
http://support.microsoft.com/default...b;en-us;174811
Understanding Internet Information Security
http://www.microsoft.com/ntserver/te.../iissecure.asp
AMB
"Hassan" wrote:
> I can understand when theres SQL authentication involved and how one may
> pass the SQL Server credentials that way ..
> But cant figure out how would IIS connect using Windows Authentication ?
> What Windows login would these web servers need ? Do i create that same
> login on all Web Servers and also on SQL .. What this anonymous login ? We
> want to tighten the controls using Windows Authentication and dont know how
> to do so with Web Servers..
>
>
|||This paper discusses the ASP.NET model. Basically it looks like you have to
grant the ASPNET user database and some other permissions. Hope this helps:
http://msdn.microsoft.com/library/de...SecNetch08.asp
"Hassan" <fatima_ja@.hotmail.com> wrote in message
news:OneQ%23N3RFHA.3732@.tk2msftngp13.phx.gbl...
>I can understand when theres SQL authentication involved and how one may
> pass the SQL Server credentials that way ..
> But cant figure out how would IIS connect using Windows Authentication ?
> What Windows login would these web servers need ? Do i create that same
> login on all Web Servers and also on SQL .. What this anonymous login ? We
> want to tighten the controls using Windows Authentication and dont know
> how
> to do so with Web Servers..
>
2012年3月22日星期四
Any whitepaper that talks on Web Servers to SQL server connections
I can understand when theres SQL authentication involved and how one may
pass the SQL Server credentials that way ..
But cant figure out how would IIS connect using Windows Authentication ?
What Windows login would these web servers need ? Do i create that same
login on all Web Servers and also on SQL .. What this anonymous login ? We
want to tighten the controls using Windows Authentication and dont know how
to do so with Web Servers..Authentication and Security White Paper for Internet Developers
http://support.microsoft.com/defaul...kb;en-us;174811
Understanding Internet Information Security
http://www.microsoft.com/ntserver/t...v/iissecure.asp
AMB
"Hassan" wrote:
> I can understand when theres SQL authentication involved and how one may
> pass the SQL Server credentials that way ..
> But cant figure out how would IIS connect using Windows Authentication ?
> What Windows login would these web servers need ? Do i create that same
> login on all Web Servers and also on SQL .. What this anonymous login ? We
> want to tighten the controls using Windows Authentication and dont know ho
w
> to do so with Web Servers..
>
>|||This paper discusses the ASP.NET model. Basically it looks like you have to
grant the ASPNET user database and some other permissions. Hope this helps:
Netch08.asp" target="_blank">http://msdn.microsoft.com/library/d.../>
Netch08.asp
"Hassan" <fatima_ja@.hotmail.com> wrote in message
news:OneQ%23N3RFHA.3732@.tk2msftngp13.phx.gbl...
>I can understand when theres SQL authentication involved and how one may
> pass the SQL Server credentials that way ..
> But cant figure out how would IIS connect using Windows Authentication ?
> What Windows login would these web servers need ? Do i create that same
> login on all Web Servers and also on SQL .. What this anonymous login ? We
> want to tighten the controls using Windows Authentication and dont know
> how
> to do so with Web Servers..
>
pass the SQL Server credentials that way ..
But cant figure out how would IIS connect using Windows Authentication ?
What Windows login would these web servers need ? Do i create that same
login on all Web Servers and also on SQL .. What this anonymous login ? We
want to tighten the controls using Windows Authentication and dont know how
to do so with Web Servers..Authentication and Security White Paper for Internet Developers
http://support.microsoft.com/defaul...kb;en-us;174811
Understanding Internet Information Security
http://www.microsoft.com/ntserver/t...v/iissecure.asp
AMB
"Hassan" wrote:
> I can understand when theres SQL authentication involved and how one may
> pass the SQL Server credentials that way ..
> But cant figure out how would IIS connect using Windows Authentication ?
> What Windows login would these web servers need ? Do i create that same
> login on all Web Servers and also on SQL .. What this anonymous login ? We
> want to tighten the controls using Windows Authentication and dont know ho
w
> to do so with Web Servers..
>
>|||This paper discusses the ASP.NET model. Basically it looks like you have to
grant the ASPNET user database and some other permissions. Hope this helps:
Netch08.asp" target="_blank">http://msdn.microsoft.com/library/d.../>
Netch08.asp
"Hassan" <fatima_ja@.hotmail.com> wrote in message
news:OneQ%23N3RFHA.3732@.tk2msftngp13.phx.gbl...
>I can understand when theres SQL authentication involved and how one may
> pass the SQL Server credentials that way ..
> But cant figure out how would IIS connect using Windows Authentication ?
> What Windows login would these web servers need ? Do i create that same
> login on all Web Servers and also on SQL .. What this anonymous login ? We
> want to tighten the controls using Windows Authentication and dont know
> how
> to do so with Web Servers..
>
2012年3月6日星期二
Any other patch need to installed besides SP3a?
Hi,
I installed SP3a for MS SQL 2000. Do I need to install any other tools to prevent from hacking?
e.g. IIS Lockdown Tool for windows 2000 server IIS 5
Thanks for advice
You should check all your servers with these security tools.
http://www.microsoft.com/downloads/d...displaylang=en
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Tom" <kerocow@.yahoo.com> wrote in message
news:EEC32889-130C-4327-8AA2-A1F41BFD1430@.microsoft.com...
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to
prevent from hacking?
> e.g. IIS Lockdown Tool for windows 2000 server IIS 5
> Thanks for advice
|||Tom,
You might want to install the MS03-031 security update.
http://www.microsoft.com/technet/sec.../MS03-031.mspx
Mark Allison, SQL Server MVP
http://www.markallison.co.uk
Tom wrote:
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to prevent from hacking?
> e.g. IIS Lockdown Tool for windows 2000 server IIS 5
> Thanks for advice
|||Thanks for help
I installed SP3a for MS SQL 2000. Do I need to install any other tools to prevent from hacking?
e.g. IIS Lockdown Tool for windows 2000 server IIS 5
Thanks for advice
You should check all your servers with these security tools.
http://www.microsoft.com/downloads/d...displaylang=en
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Tom" <kerocow@.yahoo.com> wrote in message
news:EEC32889-130C-4327-8AA2-A1F41BFD1430@.microsoft.com...
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to
prevent from hacking?
> e.g. IIS Lockdown Tool for windows 2000 server IIS 5
> Thanks for advice
|||Tom,
You might want to install the MS03-031 security update.
http://www.microsoft.com/technet/sec.../MS03-031.mspx
Mark Allison, SQL Server MVP
http://www.markallison.co.uk
Tom wrote:
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to prevent from hacking?
> e.g. IIS Lockdown Tool for windows 2000 server IIS 5
> Thanks for advice
|||Thanks for help
Any other patch need to installed besides SP3a?
Hi,
I installed SP3a for MS SQL 2000. Do I need to install any other tools to pr
event from hacking?
e.g. IIS Lockdown Tool for Windows 2000 server IIS 5
Thanks for adviceYou should check all your servers with these security tools.
CDE4D933600&displaylang=en" target="_blank">http://www.microsoft.com/downloads/...&displaylang=en
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Tom" <kerocow@.yahoo.com> wrote in message
news:EEC32889-130C-4327-8AA2-A1F41BFD1430@.microsoft.com...
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to
prevent from hacking?
> e.g. IIS Lockdown Tool for Windows 2000 server IIS 5
> Thanks for advice|||Tom,
You might want to install the MS03-031 security update.
http://www.microsoft.com/technet/se...n/MS03-031.mspx
Mark Allison, SQL Server MVP
http://www.markallison.co.uk
Tom wrote:
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to
prevent from hacking?
> e.g. IIS Lockdown Tool for Windows 2000 server IIS 5
> Thanks for advice|||Thanks for help
I installed SP3a for MS SQL 2000. Do I need to install any other tools to pr
event from hacking?
e.g. IIS Lockdown Tool for Windows 2000 server IIS 5
Thanks for adviceYou should check all your servers with these security tools.
CDE4D933600&displaylang=en" target="_blank">http://www.microsoft.com/downloads/...&displaylang=en
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Tom" <kerocow@.yahoo.com> wrote in message
news:EEC32889-130C-4327-8AA2-A1F41BFD1430@.microsoft.com...
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to
prevent from hacking?
> e.g. IIS Lockdown Tool for Windows 2000 server IIS 5
> Thanks for advice|||Tom,
You might want to install the MS03-031 security update.
http://www.microsoft.com/technet/se...n/MS03-031.mspx
Mark Allison, SQL Server MVP
http://www.markallison.co.uk
Tom wrote:
> Hi,
> I installed SP3a for MS SQL 2000. Do I need to install any other tools to
prevent from hacking?
> e.g. IIS Lockdown Tool for Windows 2000 server IIS 5
> Thanks for advice|||Thanks for help
订阅:
博文 (Atom)