Re: Do I need a firewall

From: Brett (bbsouth@bellsouth.net)
Date: 02/05/03


From: "Brett" <bbsouth@bellsouth.net>
Date: Wed, 5 Feb 2003 08:23:06 -0600


"Leythos" <void@nowhere.com> wrote in message
news:MPG.18aac7d8d1666889989996@news-server.columbus.rr.com...
> In article <IdZ%9.2115$V32.633@news.bellsouth.net>,
> bbsouth@bellsouth.net says...
> >
> > "Leythos" <void@nowhere.com> wrote in message
> > news:MPG.18aa26357866c9b989991@news-server.columbus.rr.com...
> > > In article <CnT%9.214$eH1.80@news.bellsouth.net>,
> > > bbsouth@bellsouth.net says...
> > > [snip]
> > > >
> > > > Ok on the Tracker troll.
> > > >
> > > > CF Server and SQL Server are on the same box right now. I do reference the
> > > > box's IP address. I suppose I could just reference 127.0.0.1 and that would
> > > > keep my connection local correct?
> > > >
> > > > Still, if I am able to reference the box's Internet IP address, the port is
> > > > open. I'll need to read more on how to shut it off to external connections
> > > > while allowing it to be connected via 127.0.0.1.
> > > >
> > > > I'm still confused on what it means for SQL Server to be open to the
> > > > Internet. grc.com says 1433 is not open. What does that mean?
> > >
> > > Brett,
> > >
> > > If you can reference the SQL server port using the internet address it
> > > means your entire server must be exposed to the internet - Assuming that
> > > you have a broadband or DSL connection, can you purchase a cable modem
> > > router to protect your network and server - this would mean that you
> > > would only forward port 80/443 inbound for your web server and the
> > > router would block all other inbound ports.
> > >
> > > One way to see if your SQL server is exposed is to open the Query
> > > Analyzer, enter the internet IP address of the server and the user/pwd
> > > and see if it connects. If you can connect, so can I from my home :)
> > >
> > > If you get a router then you will be a heck of a lot better off - it
> > > will block inbound ports unless you forward them to a local (internal)
> > > IP address. pointing to 127.0.0.1 will do nothing to protect you.
> > >
> > > --
> > > --
> > > Leythos999@columbus.rr.com
> > > (Remove 999 to reply to me)
> >
> > Thanks. After running unixcircle.com, I see quite a few ports are open.
> > Some I need to be open. Will a software firewall such as Zone Alarm help
> > anything? It's a funding issue.
> >
> > Brett
>
> Brett, a software firewall is the base minimum you can start with, but
> $70(US) for a router at CompUSA or BestBuy is the better solution.

Not so. My hosting provider wants $140/mo for a firewall.

> Software firewalls will consume CPU cycles and memory as the port probes
> increase, if you get the router it will block the probes and your
> firewall will only report on things that actually get IN to the
> computer.
>
> The only ports you need open are 80/443 and possibly FTP. The rest
> should be closed for any CF server. I manage a group of CF developers in
> another state, they do fine with 80/443 open only. They VPN into the
> firewall and then get access to the servers if they need anything else.
>
> --
> --
> Leythos999@columbus.rr.com
> (Remove 999 to reply to me)
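
An added example, not part of the original thread: a local audit of `netstat -an` output that lists every TCP listener bound to a non-loopback address on a port other than 80/443, the ports the thread says a CF web server needs. The sample output, its addresses and the function names are constructed for illustration.

```python
import ipaddress

ALLOWED_PUBLIC_PORTS = {80, 443}  # inbound ports the thread says the web server needs

# Constructed sample in Windows `netstat -an` format (not taken from the thread).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8500         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:443         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1433        198.51.100.7:4021      ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::1]:1434             [::]:0                 LISTENING
"""


def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)


def exposed_listeners(netstat_text, allowed=ALLOWED_PUBLIC_PORTS):
    """Return (address, port) pairs listening off-loopback on ports not in `allowed`."""
    findings = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Only TCP rows in LISTENING state matter; the header and
        # established connections are skipped.
        if len(fields) != 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        addr, port = split_endpoint(fields[1])
        # A socket bound to 0.0.0.0 or :: accepts connections on every
        # interface, whatever address local clients use to reach it.
        if addr.is_loopback or port in allowed:
            continue
        findings.add((str(addr), port))
    return sorted(findings, key=lambda f: (f[1], f[0]))


if __name__ == "__main__":
    for addr, port in exposed_listeners(SAMPLE_NETSTAT):
        print(f"listening beyond loopback: {addr}:{port}")
```

Each reported listener needs either a bind restricted to loopback or a filter in front of it (router or host firewall); a listener on 0.0.0.0:1433 stays reachable from outside even when the application connects through 127.0.0.1.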


