Open Ports....How to block them all....?

From: Curt_C [MVP] (Software_AT_Darkfalz.com)
Date: 11/19/02 

From: "Curt_C [MVP]" <Software_AT_Darkfalz.com>
Date: Tue, 19 Nov 2002 09:12:24 -0600

Ok, here's the situation. Win2k Server running IIS, AD, Exch2000, SQL2000

I keep it up to date with SP's and Patches but find that the server keeps
getting hacked and used as an "FTP" server with that stupid "Serv-U" app.
What can be done to secure this server so that this doesn't keep happening?
Is port blocking (leaving only bare necessity open) my only recourse? If so,
how?

I'm a developer, and know only basic fundamentals of OS/IIS security.....

Thanks

(P.S... I keep manually killing the app that gets installed and manually
deleting the files/app/dirs that the hack creates.) 

--
----------------------------------------------------------
Curt Christianson (Software_AT_Darkfalz.Com)
Owner/Lead Designer, DF-Software
http://www.Darkfalz.com
---------------------------------------------------------
..Offering free scripts & code snippits for everyone...
---------------------------------------------------------

Relevant Pages

  • Re: Selling the boss on a "publish to the web" Access app?
    ... Go to www.officelive.com, this free small business edition is only available to North America customers right now however. ... Are the users app specific where certains users can log into that app or have rights to it but not others? ... The person coming in the door that wants to sell new carpets or new desks or a new paint job on the walls or even a new computer has to justify that they're going to save the company money. ... I suppose you could bring in a whole bunch of IT people, and go through all enormous expenses and dangers of security of setting up a web host server. ...
    (comp.databases.ms-access)
  • Re: Homegrown synchronization
    ... to check for update files in the Import DropBox for the server. ... similar to the import code used to update a remote backend). ... code to close the "sync" app. ... synch app, but only one at a time would be able to do synchs. ...
    (microsoft.public.access.replication)
  • RE: Beginners Questions
    ... We do use Windows form on the presentation layer which is on ... terminal server and call web services on the business logic side. ... of using "proxy" authentication on SQL Server. ... > I have written an app with a Windows Forms UI that is deployed to clients ...
    (microsoft.public.dotnet.distributed_apps)
  • Re: Ruby Enterprise App Design Advice
    ... Load balanced to send user to best server. ... FastCGI or SCGI - We would like to replace FastCGI with something ... certain instance and want to have a single session server (if I understand ... deals with login and logout and assigns an app server. ...
    (comp.lang.ruby)
  • RE: C++ Garbage Collector on VMS?
    ... And HW is usually not a problem in th app tier. ... One for App server, one for DB. ... Tiers were a great concept when HW could not keep up with the processing required by each tier and network speeds were slow and unreliable. ... In small to medium app environments, ...
    (comp.os.vms)