| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 40615 | 2003-12-12 23:37:00 | What is IIS, FPSE? / installing VS .NET | GraemeP (4992) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 199881 | 2003-12-12 23:37:00 | I am about to install Visual Studio .NET prof on my home PC running Win XP prof. The install process tells me that if I want to create web projects I have to install IIS and FPSE (front page server extensions). I might want to create a web project one day just to try it out, so I want to install IIS but I don't want to allow surfers to connect to my machine. What is the effect of installing IIS and FPSE on my machine? Will it make it vulnerable to hackers or make it run slower? I have XP firewall enabled. Is IIS a web server like Apache? Also, the VS .NET install is a little confusing in that it says before installing IIS, I should download all security patches and save them to my desktop, but not apply them until after installing IIS. My machine already has the latest MS XP fixes & patches and the link the VS .NET install gives for security patches has no VS .NET specific patches, so what is the point of downloading patches before installing IIS but not applying them until after installing IIS. Graeme |
GraemeP (4992) | ||
| 199882 | 2003-12-13 07:35:00 | Hi Graeme, Yes IIS is a web service. Frontpage server extensions provide support for webpages created in frontpage. Both will have a performance impact on your PC, however unless you want to install the whole .Net framework you will need FPSE (as I understand it). IIS does have many vulnerabilities. My suggestion would be to download the Microsoft Security Baseline Analyser, or better yet HFNetChk pro from Shavlik.com. HFNetChk requires registration however it will allow you to not just scan for updates but install them as well, for up to 10 PCs. I would also recommend a software firewall (Kerio, ZoneAlarm et al), though these also have an impact on performance. My only guess at why they would say download the patches first is so that you have the minimum amount of time unpatched and connected to the internet. |
_mike_ (4814) | ||
| 199883 | 2003-12-13 10:21:00 | If you're installing IIS, but don't want/need to actually have it running, I suggest you download the IIS lockdown tool from Microsoft. What it does is locks down unnecessary parts of IIS so that they aren't accessable from the net, and basically, if you don't need IIS running, it'll lock it down completely (but still be operational enough for VS.Net to use it for its purposes). This would be a lot safer than having IIS open. www.microsoft.com Lockdown Tool 2.1[/url] (285kb). Mike. |
Mike (15) | ||
| 199884 | 2003-12-13 10:56:00 | Thanks guys Graeme |
GraemeP (4992) | ||
| 1 | |||||