Hi,

I'm all set to go with my server to host websites. What I'd like to do, however, before I connect to the world is configure my system to the optimally security settings possible. I'm running Windows Server 2003. Are there any online guides/tutorials that go through this stuff in a step-by-step easy to understand manner? To be specific, I'm interested in utilizing the OS's own security settings like folder permissions, password authentication, anonymous logins, etc., not installing other software like antivirus or firewalls (although I do have these). Can anyone guide me in the right direction?

Yes,
I sent you a site tut. on how to lockdown and secure IIS on 2003...

it is in the "hosting 2003..."

IIS 2003 is locked down by default.

However if you wish you can configure the tigher security configurations using security template. what do you need to know about security ???

Folder permissions and authentication/authorization ??? What do you want to know about it. Passwords are autheticated against a one way encryption algorithm. if it is valid then a token is returned that is a reference to the user. Folder permissions are just assign them by right clicking on the folder ->Security Tab. From there you can assign or deny users or specific privielages.

You should download Microsoft Security Guide at http://www.microsoft.com/downloads/details.aspx?familyid=8A2643C1-0685-4D89-B655-521EA6C7B4DB&displaylang=en#Overview

you should use microsoft Baseline Security Analzyer...

i haven;t used the one suggested above. that doesn;'t mean it wouldn't work.