Setting up a Network for a Small Business -

E

EmpathY

[H]ard|Gawd
Joined
Aug 3, 2002
Messages
1,104
Whats up guys, my family owns a small business thats fairly large, however we're just making our first step onto the eCommerce side, right now we're just running some basic Norton Firewalls (dont laugh) - what would be a 'step up' in security?

Thanks,
EmpathY
 
A current rundown of what already exists in the way of hardware / software / network setup / # workstations / # servers would allow us to provide you with a better response.............
 
3 Computers, router, and an Earthlink DSL connection - we're recieving about 50 orders a day via internet, and we really need to step up security.

Thanks for the quick followup,
Andrew
 
No offense, but your going to have to give more and better information than that if you expect a decent response...

For starters:

What OS does each computer run?
Why do you think your current security is lacking?
How do you receive orders via the internet?
Are there current issues or problems?
How is the DSL connection shared?
How do you store the customer information?
etc.
 
1) Windows XP Professional
2) Just security period, from hackers, and from just going to websites, period.
3) We receive our orders via xcart, login then process them from there (print out, label, ship, you know)
4) We have an issue, it is possible that one of the machines have a key logger, we had to shut the whole site down because a few files popped up on the webserver that we DID not upload (long story).
5) VIA Linksys router (ICS)
6) We store our customers information via xcart


---Also---

Do you know alot about clustering?
 
Might try clarkconnect, as it has built in IDS, as well as with some configuring, you can have a nice tight firewall ruleset, and setup a DMZ so that should anything get hax0red in the DMZ, it will NOT affect your LAN in any way. you will probably want to have some sort of backup solution running, and you will for sure not want to be running your web pages off of IIS and / or Windows....I also suggest subscribing to some of the bugtraq mailing lists, so you can read up on the latest security exploits as they come up, so you can patch your servers, keep things and services updated as they need to be, in a timely manner....

with a little bit of common sense, and a very restrictive, 'draconian' setup, your security should be much improved...
 
draconius said:
Might try clarkconnect, as it has built in IDS, as well as with some configuring, you can have a nice tight firewall ruleset, and setup a DMZ so that should anything get hax0red in the DMZ, it will NOT affect your LAN in any way. you will probably want to have some sort of backup solution running, and you will for sure not want to be running your web pages off of IIS and / or Windows....I also suggest subscribing to some of the bugtraq mailing lists, so you can read up on the latest security exploits as they come up, so you can patch your servers, keep things and services updated as they need to be, in a timely manner....

with a little bit of common sense, and a very restrictive, 'draconian' setup, your security should be much improved...
Click to expand...
Agreed and I also strongly suggest not using any MS product for webpages just too many gunning for that OS.
 
1) Windows XP Professional

Make sure all the patches have been applied, and that goes for other products (software) on the system as well. If possible upgrade to a client server environment and have group policies configured to lockdown the computers so its usable for business purposes. This will also help in reducing the number of unwanted programs being installed since you will have most people running as standard users.

2) Just security period, from hackers, and from just going to websites, period.

Protecting from hackers is a different goal than protecting users from malicious websites. First, a decent firewall will help in protecting from outsiders getting in. Second if you want to prevent what websites people visit, you'll need to install some kind of proxy server.

3) We receive our orders via xcart, login then process them from there (print out, label, ship, you know)

Is this web application hosted locally by you or by a third pary web hosting provider?

4) We have an issue, it is possible that one of the machines have a key logger, we had to shut the whole site down because a few files popped up on the webserver that we DID not upload (long story).

I would format and reinstall the suspect machine, its the only guarentee you will have at this point of knowing its clean.

5) VIA Linksys router (ICS)

Linksys is ok for home and very small business use, however I would suggest upgrading to something a bit more robust

6) We store our customers information via xcart
See question in # 3

---Also---

Do you know alot about clustering?

Yes I do know about clustering, but I need to know what you hope to accomplish by using it.
 
3) They are hosted on a third party, however they installed a key logger on one of our machines (we assume) because they installed a spam script and did some MASSIVE spam, they overdid it so much - within 2 hours rackshack caught on.

---I'll catch up to you on Clustering---
 
Enable automatic updates on the XP machines.

Don't use IE and switch to something like Firefox to avoid any spyware crap and exploits.

Also how is your email being checked?

Do you have antivirus on every machine with scheduled scans being run and automatic signature updates?

What type of accounts is everyone logging in as? Make them all user accounts and make sure they cannot install any software and lock down the machine so they can just do what they need to do if you are very paranoid.
 
You must log in or register to reply here.
Back
Top