Re: Which Router for VPN and Webhosting

From: David (davidwnh_at_adelphia.net)
Date: 09/14/03


Date: Sat, 13 Sep 2003 23:55:33 GMT

The fact is that every HTTP-related vulnerability that the BI IDS can block
can be stopped with proper configuration and patching of the OS and IIS. And
if the server does get compromised, you are often best protected against
further compromise by a firewall that is not located on the host itself. So
a good "router" for someone who wants to set up a webserver from home would
actually be a firewall/router which includes packet filtering and allows for
outbound as well as inbound filtering. Since cost is probably an issue in
this case I would suggest looking at Zywall devices. Not the best out there
but you can get a Zywall 1 for about 120 US and the 2X for 130 US. A basic
cable/dsl router and desktop firewall will cost about 100 US. You will be
getting a lot more protection and functionality for the extra $20.

>
> >> I suggest that you use BlackIce, because of the IDS/FW that will
> >> close the ports to attack, if someone decides to launch an attack
> >> coming down port 80 with the machine accepting all IP's to your
> >> Website, that's assuming you'll be accepting all IP(s).
> >
> > And just how will BID stop normal access of port 80?
> >
>
> Well, I was accepting all IP(s) on ports 20, 21 and 80 and any IP doing
> normal things in contacting my IIS machine, BlackIce let them through.
> Any IP that was doing TCP or UDP port scans, O/S fingerprints, or SQL
> Slammer probes or scans, things of this nature, BI would close the port to
> that IP, although I never exposed SQL Server, except for putting the
> machine into the DMZ. And that was just to see what BI would do with
> accepting all IP(s) on the above ports. And this was being done for hours
> and days at a time just to see what would happen and nothing came past
> BI. Like I said before, the machines do not have anything of importance
> to me and I can rebuild and have rebuilt them at the drop of a hat.
>


