Re: Anti-Virus Question!

From: sponge (yosponge_at_yahoo.com)
Date: 01/17/04 

Date: 16 Jan 2004 18:51:14 -0800

On Fri, 16 Jan 2004 17:53:48 -0700, NeoSadist <neosad1st@charter.net>
wrote:

>sponge wrote:
>
>> manglu@yahoo.com (Manglu) wrote in message
>> news:<2ae5cba9.0401160207.7c92a174@posting.google.com>...
>>> Hi,
>>>
>>> If i have a configuration of Web Server running in a DMZ and the
>>> APplicaiton Server and DB Server in the secured zone, is it
sufficient
>>> for me to install the Anti-Virus Software in the Web Server
machine
>>> only.
>>
>> No, a firewall is a good idea too.
>>
>>> Also, woul the anti-virus software intercept every
request/response
>>> coming in to/getting out of the WebServer
>>
>> Nope. That's what a firewall is for. I recommend filtering all
traffic
>> to all ports except those absolutely required by the service
running
>> on your server. I also recommend disabling any non-essential
services.
>> In theory, if you do that, a firewall isn't necessary, but the
reality
>> is that there are some services that either can't be disabled or
you
>> have to be sure your server applications don't reinstall. Use a
>> packet-filtering firewall, not a stateful one, and run Nmap on the
>> server when you are done setting everything up to be sure you
didn't
>> miss anything.
>
>Or would that be a firewall that can both filter packets and
statefully
>inspect them?

That's fine. Actually, SPI isn't bad in and of itself except any
service which is allowed server rights may open up services other than
what the user intends, and the user may not realize it. The packet
filters should ensure that nothing is opened to the world which the
user doesn't explicitly allow.
 
Sponge
Sponge's Security Stop
www.geocities.com/yosponge
My new email is yosponge two at yahoo dot com replace the two and the
space with the number.

Relevant Pages

  • Re: CEICW fails at firewall config
    ... Do you or do you not have ISA 2000 or ISA 2004 installed on the SBS server? ... Do you have 2 NICs in the SBS? ... CEICW fails on firewall configuration every time. ... >>> Call to Creating the protected networks access rule returned ok. ...
    (microsoft.public.windows.server.sbs)
  • Re: Recycler security issues on IIS server
    ... > latest upates to the server. ... > like to see the server put behind our firewall, ... other software, install all patches, IISlockdown, URLscan, use the correct ... the procedures you follow may vary depending on your security needs. ...
    (microsoft.public.inetserver.iis.security)
  • Re: ISA SERVER NOT STARTING
    ... I delete the nat/basic firewall and stop and started the RRAS an tried to ... There were no critical events in the DNS Server Log in the last 24 hours. ... An error occurred during logon ... Caller User Name: - ...
    (microsoft.public.windows.server.sbs)
  • Re: For Microsoft Partners and Customers Who Cant Download or Access
    ... to reconfigure the firewall, but to use a static IP on your client ... and to make sure that the DNS server entries on the client are ... Microsoft for msdn2.microsoft.com. ... use a static IP and set the DNS server addresses to the DNS ...
    (microsoft.public.dotnet.general)
  • RE: Is this as bad as it seems?
    ... The network being protected by the router or firewall is still vulnerable to ... > circumvented - the administrator has explicitly allowed HTTP traffic on ... this exploit has the effect of allowing the attacker to send *INBOUND* HTTP ... The HTTP server (located on the internal network or anywhere else that is ...
    (Security-Basics)