How to make sure my server is secure (laugh)

Q

QwertyJuan

[H]F Junkie
Joined
Aug 17, 2000
Messages
11,285
Running a 2k server(I know, I know), that is right now hosting a web-page.... with a static IP.... have a dlink router.... it seems to be blocking pings/port-scans etc.... but I'm sure it's not 100% secure.... looking at BSD right now as a firewall... but until that is setup, are there any programs that I can run to see if ANY ports are open to the net, or anything is accessible??

Also, should my web-server be a seperate 2k box and NOT my DC??

Thanx, QJ
 
Nessus or Nmap will allow you to check which ports are open and you can asses their potential problems from them.
 
The first thing you should do after setting up IIS is go to Microsoft's website and download IIS Lock Down. This will not make the server that much more secure, but it will change some settings to help.

If you are running IIS on your Domain Controller, i'd recommend moving it off to a seperate machine. You really shouldn't have you DC available to the internet. If you are thinkin of puttin a BSD machine in place for a firewall, you might as well just use that for the web server.
 
nmap -sV -O -v -P0 -T Insane xxx.xxx.xxx.xxx

that will check for open ports and try to find out whats running on the port(software name and version) then you can check to ensure all your shit is up to date.

of course the server is behind a firewall so as long as you don't put it in the DMZ or forward every port you won't need to worry too too much about ports being open on the server itself, other than IIS, heh.
 
You must log in or register to reply here.
Back
Top