Re: Open Ports....How to block them all....?
From: Jeff Cochran (jcochran.nospam@naplesgov.com)
Date: 11/19/02
- Next message: Curt_C [MVP]: "Re: Open Ports....How to block them all....?"
- Previous message: Tim Greene: "RE: Enrollment control"
- In reply to: Curt_C [MVP]: "Open Ports....How to block them all....?"
- Next in thread: Curt_C [MVP]: "Re: Open Ports....How to block them all....?"
- Reply: Curt_C [MVP]: "Re: Open Ports....How to block them all....?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: jcochran.nospam@naplesgov.com (Jeff Cochran) Date: Tue, 19 Nov 2002 19:55:38 GMT
>I keep it up to date with SP's and Patches but find that the server keeps
>getting hacked and used as an "FTP" server with that stupid "Serv-U" app.
>What can be done to secure this server so that this doesn't keep happening?
>Is port blocking (leaving only bare necessity open) my only recourse? If so,
>how?
>
>I'm a developer, and know only basic fundamentals of OS/IIS security.....
Step 1: Reformat, reinstall and restore. You may have a backdoor
already installed.
Step 2: http://www.microsoft.com/security/ Install the patches
*before* you come back online. Especially URLScan and the lockdown
tool, making sure you read the docs so you can still use scripts.
Step 3:
http://www.systemexperts.com/win2k/HardenWin2K.html
http://www.anitian.com/corp/papers/Hardening_Win2k.pdf
http://rr.sans.org/win2000/standalone.php
http://www.ntsecurity.net/Articles/Index.cfm?ArticleID=22365
Step 4: Configure your firewall to accept only those ports you wish,
port 80, maybe 20/21, 25, 53, 110 depending on what you're using.
Yep, you *need* a firewall.
Step 5: If you're still paranoid, Network Connections -> TCP/IP ->
Advanced -> Options and configure filtering. Though you may need
ports open that you don't want outsiders to use, and this is an on/off
deal. Firewalls are more configurable.
Good luck.
Jeff
- Next message: Curt_C [MVP]: "Re: Open Ports....How to block them all....?"
- Previous message: Tim Greene: "RE: Enrollment control"
- In reply to: Curt_C [MVP]: "Open Ports....How to block them all....?"
- Next in thread: Curt_C [MVP]: "Re: Open Ports....How to block them all....?"
- Reply: Curt_C [MVP]: "Re: Open Ports....How to block them all....?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
