Document: Module 9: Implementing IIS 5.0 - Pdf 84



Contents
Overview
Identifying Potential Risks from the Internet
Implementing IIS as an Internet Web Server
Implementing IIS as an Intranet Web Server
Implementing IIS as an Extranet Web Server
Review

Module 9: Implementing IIS 5.0

Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.

© 2001 Microsoft Corporation. All rights reserved.

This section provides the materials and preparation tasks that you need to teach
this module.
Required Materials
To teach this module, you need the Microsoft PowerPoint® file 2295A_09.ppt.
Preparation Tasks
To prepare for this module, you should read all of the materials for this module.
Other Activities
This section provides procedures for implementing interactive activities to
present or review information, such as games or role playing exercises.
Class Discussions

To prepare for the activities
1. Review the scenarios.
2. Review the discussion questions and answers.
3. Develop a possible list of alternative answers and their advantages and
disadvantages.

Presentation: 60 Minutes
Lab: 00 Minutes

Module Strategy
Use the following strategy to present this module:

Identifying Potential Risks from the Internet

This topic describes the considerations that are necessary for implementing
IIS as an intranet Web server. Describe the considerations for configuring
and administering Web sites, configuring applications, providing security,
monitoring and optimizing performance, enabling SMTP, and implementing
FrontPage on an intranet Web server.
When you have finished this topic, begin the class discussion for
implementing IIS as an intranet Web server. Read the scenario to the
students, and then divide the class into groups and assign each group a
question. Give the students time to consider their answers, and then lead a
discussion based on their responses.

Implementing IIS as an Extranet Web Server
This topic describes how to use an extranet to extend the network to trusted
partners. Describe the considerations for configuring and administering Web
sites, configuring applications, providing security, monitoring and
optimizing performance, enabling Simple Mail Transfer Protocol (SMTP),
and implementing FrontPage on an extranet Web server.
When you have finished this topic, begin the class discussion for
implementing IIS as an extranet server. Read the scenario to the students,
and then divide the class into groups and assign each group a question. Give
the students time to consider their answers, and then lead a discussion based
on their responses.


Customization Information
This section identifies the lab setup requirements for a module and the
configuration changes that occur on student computers during the labs. This
information is provided to assist you in replicating or customizing Microsoft
Official Curriculum (MOC) courseware.

unauthorized access to your network.
In an intranet environment, your Web server acts as a central repository for
corporate data. Team collaboration tools are often used in an intranet to store
team project information. In this way, team members, other departments, and
management can all gain access to project information on the intranet.
You may also want to make a Web server available to business partners,
associates, or subsidiaries without making the Web server available to the
general public. To do this, you can create an extranet that enables only trusted
business partners to gain access to your network over the Internet.
Each of these situations requires different considerations for configuring IIS,
including administering Web sites, configuring applications, providing security,
monitoring and optimizing performance, enabling SMTP, and implementing
Microsoft FrontPage®.
After completing this module, you will be able to:

Identify potential risks from the Internet.

Implement IIS as an Internet Web server.

Implement IIS as an intranet Web server.

Implement IIS as an extranet Web server.

Topic Objective
To provide an overview of the module topics and objectives.
Lead-in

functionality of your network. Therefore, you must take special precautions to
protect your private corporate network from attackers.
The first step in protecting your private network from public networks is to
identify risks that may be introduced by public network users. You must be able
to identify the following risks:

Risks to network security from common attacks.

Threats introduced by denial-of-service (DoS) attacks.

Threats introduced by port scanning.

Topic Objective
To analyze the common threats that are introduced when your private network is
connected to a public network.
Lead-in
The first step in protecting your private network from public networks is to
identify risks that may be introduced by public network users.

Common Attacks

Social Engineering


a trusted network or trusted computer.

Exploitation of excess services. The attacker exploits poorly monitored
services. Uninstall or disable any service that does not need to be deployed
on a specific server.

Most of the risks that are associated with Microsoft Windows® 2000 services and
IIS are identified through Microsoft security bulletins, which are available at
http://www.microsoft.com/technet/security


Exploitation of system back doors. The attacker exploits back door accounts
that were configured to allow administrative access to the network in the
event that the original administrative account is corrupted or compromised.
Audit all administrative group membership periodically to ensure that
unnecessary back door accounts are removed.

Session takeover. The attacker can exploit buffers, which are the spaces that
programmers allocate for variables in their programming. The attacker
overwrites an application’s buffer, resulting in an overflow of code. When
the overflow occurs, it may be possible for the attacker to execute
administrative functions at the security level of the application.
Topic Objective
To describe the risks to network security from common attacks.
Lead-in
There are several ways in

[Slide: Denial-of-Service Attacks Affect: CPU Cycles Usage]
A denial-of-service (DoS) attack is the intentional overwhelming of a network
with unnecessary traffic, which prevents a service or resource from performing
as expected. DoS attacks are not made to steal data or access resources, but
rather to disrupt network traffic. Typically, these attacks are based on known
weaknesses in the Transmission Control Protocol/Internet Protocol (TCP/IP)

often allocate space in their code—called a buffer—for variables. The
attacker overwrites the buffer in the code, which causes the application to
fail.

CPU cycles usage
The attacker causes the CPU to run at high levels, often shutting down the
system. For example, if scripting is enabled for a Web server, the attacker
might cause the Web server to execute a script that will cause heavy usage
of the CPU.

Note
You can prevent some DoS attacks by installing the latest Windows 2000
hotfixes and service packs to update vulnerable files. You can download the
latest hotfix or service pack from the Microsoft TechNet Web site at
http://www.microsoft.com/technet/security
Port Scanning

[Slide: Port scan of a Web server]
Port  Service
20    closed
21    FTP
22    closed
23    closed
24    closed
25    SMTP

Use the netstat command to display all open ports on computers that are
exposed to the Internet. Determine whether all open ports can be identified,
and confirm that they do not represent unauthorized services.

Tip
To determine what ports are used by specific services, view the text file
%SystemRoot%\system32\drivers\etc\services. Alternatively, to see a listing of
all protocol identification numbers and well-known port numbers, go to the
Web site at http://www.isi.edu/in-notes/iana/assignments/port-numbers
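
The netstat check described above, as an added example that is not part of the original courseware: it parses `netstat -an` output, names each open port from a services-format file, and flags every port outside an approved list. The sample netstat output, the services excerpt, the `APPROVED` list and all function names are constructed for illustration.

```python
# Constructed sample of `netstat -an` output from a Windows Web server.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:80          198.51.100.7:1187      ESTABLISHED
  UDP    0.0.0.0:161            *:*
"""
# Constructed excerpt in the format of %SystemRoot%\system32\drivers\etc\services.
SAMPLE_SERVICES = """\
ftp                21/tcp
smtp               25/tcp    mail
http               80/tcp    www www-http    # World Wide Web
snmp              161/udp
"""
# Hypothetical allowlist: an Internet-facing IIS server offering WWW, FTP and SMTP.
APPROVED = {(21, "tcp"), (25, "tcp"), (80, "tcp")}

def load_services(text):
    """Map (port, proto) -> service name from services-file text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments
        if len(fields) >= 2 and "/" in fields[1]:
            port, proto = fields[1].split("/", 1)
            if port.isdigit():
                table[(int(port), proto.lower())] = fields[0]
    return table

def open_ports(netstat_text):
    """Return {(port, proto)} for listening TCP sockets and bound UDP sockets."""
    found = set()
    for line in netstat_text.splitlines():
        f = line.split()
        # Skip headers and TCP rows in any state other than LISTENING.
        if len(f) >= 3 and (f[0] == "UDP" or (f[0] == "TCP" and f[-1] == "LISTENING")):
            found.add((int(f[1].rsplit(":", 1)[1]), f[0].lower()))
    return found

def audit(netstat_text, services_text, approved):
    """Return sorted ((port, proto), name, verdict) rows, one per open port."""
    names = load_services(services_text)
    return [(p, names.get(p, "unknown"), "approved" if p in approved else "REVIEW")
            for p in sorted(open_ports(netstat_text))]

if __name__ == "__main__":
    for (port, proto), name, verdict in audit(SAMPLE_NETSTAT, SAMPLE_SERVICES, APPROVED):
        print("%5d/%s  %-8s %s" % (port, proto, name, verdict))
```

Rows marked REVIEW are open ports that the server's documented role does not account for; each one is either added to the approved list with a reason or its service is disabled.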

Topic Objective
To analyze the threat of port scanning to a network.
Lead-in
An attacker can identify the services that are running on a target computer by
attempting to contact every port number.
Delivery Tip
Demonstrate that nbtstat—an IP address command—will reveal all NetBIOS names
registered by the target IP address.

Protecting IIS and Network Resources



Implementing a Firewall
A firewall is a combination of hardware and software that protects private
network resources from users on other networks. A firewall allows only specific
forms of traffic to flow in and out of the internal network, thereby protecting
the internal network from intruders on the Internet. By implementing a firewall,
you create a single point of control from which you can secure and audit all
traffic entering your private network from the Internet.
Firewalls provide the following features to allow you to protect your private
network:

Network address translation (NAT). Protects the internal network addressing
scheme from being exposed on the Internet.

Static address mapping. Conceals the true addresses of resources on your
private network that are accessible to the Internet.

Packet filters. Define the protocols that are allowed to pass through the
firewall.
Topic Objective
To introduce strategies for protecting IIS and network resources.
Lead-in
To protect IIS and network resources, you must develop a network security
plan, implement network security technologies, and monitor network traffic.
