Lock Down IIS and SQL Server
October 3, 2005[From Enterprise Networking Planet]
In the first part of our look at securing distributed Windows apps, we covered how authentication and authorization are typically handled in Windows-based applications. Today, we'll cover some very specific recommendations for locking down IIS and SQL, both of which are often a large part of Windows-based distributed application environments.
The article continues at http://www.enterprisenetworkingplanet.com/netsecur/article.php/3552711