Practical Recommendations for Securing Internet-Connected Windows NT Systems

ID: Q164882


The information in this article applies to:


SUMMARY

When you connect computers to the Internet it becomes possible to communicate with millions of people and computers world wide by using the TCP/IP protocols. This broad flexibility imposes a degree of risk: Not only can you communicate with people and systems using the protocols that you choose, it is also possible for users to try to initiate communication with your systems. Most of the following recommendations assume you are using the Microsoft Proxy Server. However, some may apply even if you do not have a proxy server.


MORE INFORMATION

Review the following list to learn how to reduce security risks:

To disable IP forwarding on Microsoft Windows NT Server version 4.0:
  1. From the Start menu, select Settings, and then click Control Panel.


  2. In Control Panel, double-click the Network icon.


  3. In the Network dialog box, click the Protocols tab, select TCP/IP Protocol, and then click Properties.


  4. In the Microsoft TCP/IP Properties dialog box, click Routing.


  5. Make sure the check box for Enable IP Forwarding is cleared.


  6. Click OK, then click OK again.


WARNING: If the Windows NT Remote Access Service (RAS) is installed on your gateway after Microsoft Proxy Server is installed, IP forwarding will be enabled. You must disable IP forwarding after installing RAS.
More information on securing an Internet connected Web server can be found in Chapter 8 of the Microsoft Internet Information Server Resource Kit. ISBN:1-57231-638-1

Additional query words: prx iis


Keywords          : 
Version           : WINNT:1.0,2.0,3.0
Platform          : winnt 
Issue type        : kbinfo 

Last Reviewed: April 30, 1999