IIS Lockdown Tool

Check Description

This check determines whether version 2.1 of the Internet Information Services (IIS) Lockdown tool, part of the Microsoft Security Tool Kit, has been run on the scanned computer.

The IIS Lockdown tool works by turning off unnecessary features in IIS, thereby reducing the attack surface available to attackers. Using the IIS Lockdown tool should be one of the first steps administrators take in securing their Web servers.

Note

• The IIS Lockdown tool was developed for IIS 4.0, 5.0, and 5.1, and is not needed for new Microsoft® Windows® Server 2003 installations running IIS 6.0.  If an upgrade is being performed from IIS 5.0 to IIS 6.0, then the lockdown tool should be run.

Additional Resources

IIS Lockdown Tool

©2002-2004 Microsoft Corporation. All rights reserved.