December 16, 2008 at 9:38 am
I'm looking for an article or other resources relating to what services are recommended to be disabled. For instance, I know IIS should not be enabled, but specifically I'm looking at FTP, HTTP, SMTP. What functions are removed by disabling these, such as dbmail, etc.
Kind of vague, but I'm hoping someone knows of a resource. My search comes up with irrelevant results.
I appreciate it!
December 16, 2008 at 9:59 am
I wouldn't even have IIS, FTP, HTTP SMTP installed.
Not having them there doesn't impact anything, unless you need to host an ftp site, run a website or have your server work as a SMTP relay.
December 16, 2008 at 10:02 am
Great information, thank you!
December 16, 2008 at 11:14 am
If you're running SQL Server Reporting Services for SQL Server 2000 or 2005, you'll need IIS Admin and WWW Publishing Service. FTP, SMTP, and NNTP should not be installed.
This gives you general guidance for a multitude of servers (nothing specific to SQL Server, though):
Windows Server 2003 Security Guide
K. Brian Kelley
@kbriankelley
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply