Security

  • Darkfoxx
  • Beginner
  • Beginner
  • User avatar
  • Posts: 52

Post 3+ Months Ago

Anyone know of a free security program for my webserver? E.g. a firewall and virus protection geared exclusively toward servers.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Might help if you provided some info about your server, such as OS, etc.
  • Uncensored-Hosting
  • Proficient
  • Proficient
  • User avatar
  • Posts: 383
  • Loc: Los Angeles

Post 3+ Months Ago

That's an understatement ... you should also consider hiring a professional to harden your server for you. God forbid you lock yourself out of your box. Especially if it's located in a DC that offers little or no support and/or will charge you 75/hour or more to correct your error(s).

ATNO/TW wrote:
Might help if you provided some info about your server, such as OS, etc.
  • Darkfoxx
  • Beginner
  • Beginner
  • User avatar
  • Posts: 52

Post 3+ Months Ago

LoL...my server is in my home, so I don't have to worry about that.
I use Windows with Abyss Webserver.
  • Darkfoxx
  • Beginner
  • Beginner
  • User avatar
  • Posts: 52

Post 3+ Months Ago

Anyone? It's been more than a week and still no replies. Security is very important to me because i want to protect my server and its data.
  • musik
  • Legend
  • Super Moderator
  • User avatar
  • Posts: 6893
  • Loc: up a tree

Post 3+ Months Ago

Why dont you use the local security policy in Windows? You can protect your ports with a shared key, which means your computers can talk to your Windows server with no intervention, but other peoples computers will not be able too.
  • Darkfoxx
  • Beginner
  • Beginner
  • User avatar
  • Posts: 52

Post 3+ Months Ago

Well.....won't that block the essential ports I need to run my webserver(s)? 80, 21, 25, and 3000-something are for webserver related programs. I need security so that people can't gain access to my server and upload viruses, warez, etc....
  • musik
  • Legend
  • Super Moderator
  • User avatar
  • Posts: 6893
  • Loc: up a tree

Post 3+ Months Ago

It'll only block the ports you specifically tell it to - I'd start with 135, 137, 139 and 445 in the first instance. Uploading warez and such like is relatively unlikely unless you're allowing anonymous FTP access anyway. If you really want to allow anonymous FTP then you should only allow uploads into a particular directory and make it write only - that way any warez that anyone uploads can't be downloaded until you move it to a new location.

Here is a link with some more info:
http://www.microsoft.com/windows2000/te ... csteps.asp

I successfully used IPSec policies to harden a windows 2000 (and later 2003) against internet attack for a couple of sites. There's a bunch of other steps you ought to take to harden the thing but its a whole area of administration that really needs some good expertise and you're not likely to pick it up off a forum - if it's essential data then hire someone to train you, or to do it for you.. If you're just playing around and want to be as safe as possible on a budget, then by all means ask us questions :)

And as mentioned before (in case you ever do this remotely) you can easily shoot yourself in the foot by using the policies to lock yourself out :)

By the way, port 80 is the only port used by http protocol... 443 is used by https. 21 is FTP, 25 is SMTP (mail) and who knows what you're offering on port 3000 ;)
  • Darkfoxx
  • Beginner
  • Beginner
  • User avatar
  • Posts: 52

Post 3+ Months Ago

Thanks for the info. The port 3400 (something like that) is for MySql (or so it says...even though I don't forward that port and it still works...oh well.
  • musik
  • Legend
  • Super Moderator
  • User avatar
  • Posts: 6893
  • Loc: up a tree

Post 3+ Months Ago

You want to block that, mySQL is 3306 :D
  • musik
  • Legend
  • Super Moderator
  • User avatar
  • Posts: 6893
  • Loc: up a tree

Post 3+ Months Ago

Out of interest, you say your server is in your home and you talk of 'i dont forward that but it still works' - are you using a NAT configuration or does your server have a real, assigned by your ISP, ip address?

If you're using NAT (ie your server has a 10.xxx.xxx.xxx or 192.168.xxx.xxx address) then you don't need to secure it with IPSEC anyway - just configure your router to only forward the specific ports you actually want people to see!
  • Darkfoxx
  • Beginner
  • Beginner
  • User avatar
  • Posts: 52

Post 3+ Months Ago

Yea i use a router so I only forward the ports I need (80,21,and 25). I was just worried about the server being prone to web-based security risks I don't know about, not port-based security.

Post Information

  • Total Posts in this topic: 12 posts
  • Users browsing this forum: No registered users and 19 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.