Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Server Security

Status
Not open for further replies.
kev05

kev05

MIS
Mar 15, 2005
32
GB

Hi,

I am hosting my website on a dedicated server running IIS on a Windows 2003 Server box. I am very concerned about my server security as I am not using any firewall or other security programs or hardware. My Web server is directly connected on the Internet and is being accessed by hundreds of my site members.

I have scanned ports on my server and most of the ports are closed. I would like to have them blocked instead so that scanners are not able to probe my ports.

I am very concerned about the security of my server and would like some guidelines in which I can quickly secure my server.

Thanks so much in advance,
kev

 
Sort by date Sort by votes
activate the firewall and allow ONLY port 80 traffic.

quick and effective, believe me!

Aftertaf

"Solutions are not the answer." - Richard Nixon
 
Upvote 0 Downvote
As aftertaf says at the very least activate the software firewall, but much better buy a cheap hardware firewall they are dirt cheap these days.

 
Upvote 0 Downvote
I am hosting my server at a web hosting company, so I am not too sure whether I can install a harware firewall. How can I only allow port 80 from windows 2003 server? Does Windows 2003 server has any kind of firewall that I could use?

Thanks so much in advance
kev
 
Upvote 0 Downvote
Hi,

As I am using Windows 2003 server Web edition, Internet Connection Sharing, Internet Connection Firewall, and Network Bridge are not present. :-(

Any other ideas?

Thanks again,
kev
 
Upvote 0 Downvote
In addition to zone alarm, are there any other quick things that can help securing my server? How about having an IDS?
 
Upvote 0 Downvote
Your much better off with a cheap firewall router then involving firewall software on a server, less headaches. Set it and forget it, no updates, no strange interactions.
 
Upvote 0 Downvote
kev05 have you contacted your web hosting company? They really should be providing this service anyway.

"Horsey to king bish three
 
Upvote 0 Downvote
Hi,

I have contacted my web hosting company but they are not quite helpful. I might have to changed web hosting company as they are not helpful at all when it comes to securing my server.

Is it worth having an IDS running on the server?
Also, I would like to monitor my CPU performance, and get stats..such as graphs..any ideas how to do that?

Thanks so much
kev
 
Upvote 0 Downvote
If they provide you with a remote desktop to manage your server then you can use the Windows tools to monitor your server.

To be honest if your web host won't even answer a simple question like that i'd tell them to get stuffed and move hosts.

"Horsey to king bish three
 
Upvote 0 Downvote
Thanks for the info,
Yep, I will probably be looking at another hosting provider that offer server security,
thanks again :)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
526
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
705
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
926
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
547
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
665
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top