Securing an IIS 4.0 Web Server, Machine and All

The objective of this paper is to show how I secured my organization's web server, which fatally crashed earlier this year. I will describe the steps taken in securing the server from OS (Operating System) to IIS (Internet Information Server) and the vulnerabilities corrected by the configuration. I will outline the state of security the web server was in before the crash and the final state of security the server was in after all the changes were made.