Re: still open ports with firewall enabled

From: David (davidwnh@adelphia.net)
Date: 11/21/02 

From: "David" <davidwnh@adelphia.net>
Date: Thu, 21 Nov 2002 01:01:54 GMT

>From your message I didn't realize Winroute was also a firewall but looking
at their website I would say dump NIS because it isn't made for or tested
with W2K server. Concentrate on Winroute as both your proxy and firewall.
Don't necessarily go with one antivirus because the two products you have do
very different things and I doubt Serverprotect scans network traffic. Also
the newer versions of NAV may not even install on Win2K server and works
very differently from Serverprotect(Can someone verify if NAV 2002-3 will
even install on a W2K server?) I've used workstation products on my servers
in the past however many software developers are writing out the ability to
even install them on server OS's in their more recent versions.
> > W2K Server
> > Norton Internet Security 2002 without Norton Antivirus installed
> > IIS 5.0 lockdown to web services only (no NNTP no SMTP no Frontpage
> > extension
> > etc.)
> > Trendmicro Webmanager 2.1 (scans http traffic for viruses
> > Trendmicro Serverprotect 5.5 (virus protect on server itself)
> > Winroute pro (share internet, proxy enabled, no mail server enabled)
> >
> > Another point is, i need IIS 5 to admin the webmanager application.
> > There is nothing else on this web-server. Should i remapp the port 80?
> > How do i implement this in winroute and NIS the best way? The
> > Webserver is only used from the intranet in the trused network zone.
> >
> Sounds like you're using too many security software applications at once.
> You could be doing the "two firewalls are worse than just one" thing.
See,
> security applications install system files so that they can add their
layer
> of protection to the operating system. Having two risks corrupting those
> system files, which could in essence ruin any security you thought you
had.
> Pick one software firewall (i recommend NPF) and one antivirus (i
recommend
> NAV) and stick with that.
> Still, it IS a server, and you need to harden the operating system
probably
> as well. Talk to symantec.
>
>

Relevant Pages

  • Re: Feedback solicited - best way to harden a mail/web server?
    ... Was the system protected by a properly configured firewall? ... it's not a bad "starting point" and it can generate an IPtables rule ... > nor is there a web or ftp server; aside from that I haven't tried to secure ... Before I'll install some nifty application ...
    (comp.os.linux.security)
  • Re: need help re. office network install
    ... > and their network is a mess, the result of years of neglect. ... they have a gateway server w/ no special ... > firewall rules on it, they have a large DMZ that serves no purpose ... install anymore software on the firewall machine than is absolutely ...
    (comp.os.linux.networking)
  • Re: Rogue PHP file
    ... Chances are there is a phishing site on the server. ... Calling support on Monday morning is a free call and they have forensic investigation tools to let you know what is on that box. ... If someone has rights to install stuff on a system from inside the lan no amount of a firewall will help unless you have rules monitoring what's going on. ...
    (microsoft.public.windows.server.sbs)
  • Re: WSUS 2.0
    ... I'm a WSUS lover, but I confess that for two client PCs, I'd probably use Automatic Updates set to auto-install. ... The problem I believe is that I can't access the SBS Premium firewall because RRAS has ipnat.sys running and is blocking access to the firewall. ... The server is running great and RWW is working fine. ... My question is can I install WSUS 3.1 without reinstalling WSUS 2.0??? ...
    (microsoft.public.windows.server.sbs)
  • Re: Trend SMB 3.0 Issues
    ... >> or it's name (specified during install). ... If I go directly to the site via IE (Server ... >> sounds like XP firewall. ... Look for blocked packets on the ports trend ...
    (microsoft.public.windows.server.sbs)
Loading