Table of Contents
Securing ColdFusion and IIS
What’s this presentation about?
General security concepts
Current state of affairs
What does “IIS” stand for?
Can IIS be secured?
What’s covered within this presentation?
How much security?
What are the threats?
Threat manifestations
Securing NT/2000
OS security – general concepts
No escape from sadmind!
Disk configuration
Networking
Access Control Lists (ACLs)
ACL interface
More about ACLs
Services
Configuring IIS
ISAPI applications and virtual directories
Configuring IIS, cont’d
Configuring IIS, cont’d
Configuring IIS, cont’d
More on IIS
Securing CF
Patching the CF API extensions
CF application vulnerabilities
Database security
Maintaining security
Resources
|
Author: David T Watts
|