Secure the Root Folder of Each Disk Volume Immediately after a new installation of Microsoft® Windows® Server 2003, the special group Everyone has Read and Execute permissions on the root of the system volume, which is the disk volume where Windows Server 2003 is installed. Any folders created beneath the root of the system volume automatically inherit the permissions assigned to the root of the system volume. This means that the Everyone group will have Read and Execute permissions on any new folders created immediately beneath the root of the system volume. To prevent an accidental breach in security, remove the permissions assigned to the special group "Everyone" on dedicated Web servers. Requirements
Recommendation As a security best practice, log on to your computer using an account that is not in the Administrators group, and then use the Run as command to run IIS Manager as an administrator. At the command prompt, type runas /user:administrative_accountname mmc %systemroot%\system32\inetsrv\iis.msc. Procedures
|