Recommendations on protecting a Microsoft 2003 server with Lotus Domino 6.5

Application security
Disaster Recovery
Incident response
Instant Messaging
Intrusion management
Lotus Domino
Microsoft Exchange
Microsoft Windows
Network security
Risk management
Secure Coding
Security Program Management
SQL Server
I need advice on where I can find information on how to secure a Domino web server on the internet. We are running on a Windows 2003 server. Is there a checklist or script I can work through to lock down my Domino configurations? Is there some way to know what I can uninstall or remove from the Microsoft server to secure it from unauthorized use? Advice or references would be greatly appreciated. Jim

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi Jim!!

Refer to the following article:

It will help you.


Nilesh Roy.

Discuss This Question: 5  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Bouncybrit
    There are check lists for windows security however you need to be careful, because no checklist works for everyone. here is the link to microsfts own hardening IIS documentation. the best resource for securing windows though is the SANS reading room.
    10 pointsBadges:
  • Mlandes
    hi securing a 2000 box or even 2003 was not easy even though 2003 comes with a different concept (out of the box) that everything is closed except what you open yourself you can fins on the site pages and pages of hardening manuals.... but very suprising microsoft has released a SP1 for 2003 which has a hardening work flow (as we say "wizard") making it very easy i think you should split in your mind to 2 questions: a. hardening the 2003 box b. attend vulnerabilities of lotus domino 6.5 in respect to a - try and use 2003 SP1 in respect to b - just keep an eye on vulnerabilities on the internet for lotus domino, and keep you sofware updated at all times thanks moti
    0 pointsBadges:
  • Nickyxx9
    On the Windows 2003 front - the security checklists are really useful, but as bouncybrit said, don't just assume that you should implement every setting. Some of the recommended security settings can cause application issues (says the voice of bitter experience!) so you shouldn't just apply Microsoft's security templates out of the box. We usually look at the template settings and apply them a few at a time, testing in between, then create our own template from the test machine.
    0 pointsBadges:
  • SecGeek
    I've always liked the idea of getting an independant view of setting up the product. Here is a good 'free' benchmarking tool that allows you to see where problems with your setup may exist. The have a benchmarking tool for just about every OS in wide use. Peace "He that would make his own liberty secure must guard even his enemy from oppression; for if he violates this duty he establishes a precedent that will reach to himself." --Thomas Paine
    0 pointsBadges:
  • Bobkberg
    I'll second secGeek's recommendation for I'm a member, and have helped some of the standards development. I've also used their tools in multiple instances. Good stuff, and the price is right - as long as you don't re-distribute. Bob
    1,070 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: