I have a client that would like to co-locate and asked for my help. I am familiar with running the ol' Cobalt RAQs and not much of a Windows (Win2k Server) type of person.

Any pointers or suggestion on the topic is appreciated.
I was looking into having Win2k Server running IIS along with iMail as a pop3 and maybe smtp package.

I would advice the guy to have automatic update feature on, and also maybe use LockDown feature/program to make his IIS more secure and disable unwanted services.

I myself few times thought of trying out the windows based and loading ActivePerl for the perl and php as well. Eventually load Ensim as a control panel. Which is the only one I know of that is Windows compatible.

What I am concern with is the security, firewall brand if needed, which most likely it will be provided by the colo center (hardware based) and the structure used.
I noticed few hosting companies using the x:\a-z\<useraccount>\ based on the first letter of domain that's what it falls under.

I also thought of using 3Ware card 7000 Series and drop 2x 120 gig drives in it. Use a MIRROR type of RAID.

Thanks,

I would advice the guy to have automatic update feature on, and also maybe use LockDown feature/program to make his IIS more secure and disable unwanted services. I would not set-up the autoupdate feature as a lot of the updates contain problems right out the door. We normally wait a few days (after being installed on a non-production test server) before updating a system. Yes, do use the MS IISLockdown tool & URLScan.What I am concern with is the security, firewall brand if needed, which most likely it will be provided by the colo center (hardware based) and the structure used. If you wanted a firewall, you could probably pickup a Netscreen 5 for about $500.00 and that should be able to take care of you for a while. We normally set-up sites on the non-system drive with the structure like:
<drive>
- SITES
--- DOMAIN
-------- HTML
-------- LOGS
-------- CGI-BIN
I also thought of using 3Ware card 7000 Series and drop 2x 120 gig drives in it. Use a MIRROR type of RAIDIt's a great card and I don't think you will have any problems.

Hope that helps!

Originally posted by RackMy.com
system drive with the structure like:
<drive>
- SITES
--- DOMAIN
-------- HTML
-------- LOGS
-------- CGI-BIN
It's a great card and I don't think you will have any problems.

Hope that helps!

I noticed you have the CGI-BIN outside HTML directory. I had a similar idea of Win2k of having HTML, LOGS and under LOGS I would have HTML logs and FTP Logs but why not have CGI-BIN inside HTML or do you have it mapped...

Thanks for the info.

A few URL's that you may find useful (if you've not already read them) :)
In no particular order.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/iis/deploy/depovg/securiis.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/iis/maintain/optimize/perflink.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/security/tools/tools.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/chklist/iis5chk.asp
http://msdn.microsoft.com/library/default.asp?URL=/library/en-us/dniis/html/tencom.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/iis/maintain/optimize/iis5tune.asp
http://nsa2.www.conxion.com/win2k/download.htm
http://www.iisfaq.com/

Subscribe to the Microsoft Security Bulletins: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/notify.asp

You will then get an update when they find a bug and it will explain where to obtain the patch / hot fix etc.