Solved

HOW TO PEREVENT HACKERS

Posted on 2001-06-26
7
198 Views
Last Modified: 2010-04-13
I manage  a network and we do low end web hosting.
I want to prevent hackers from entering our network
We have no firewal in place as of now.
Please suggest the most cost effective  way to go about it and any software needed. I know nothing can be guarantee, but we need a security in place all the same
Thanks so much
0
Comment
Question by:iyiola
7 Comments
 
LVL 32

Expert Comment

by:jhance
ID: 6228258
It's hard to answer without knowing more about what you are doing.  Do you strictly host web sites?  In that case, I'd suggest:

1) Configure your network properties so that HTTP port 80 is the only permitted connection.  

2) Configure your router to block everything but port 80.

3) Check that ALL of the Microsoft HOTFIXES for IIS are installed.

If you have computers other than those that host the web sites on the network, get a firewall.
0
 
LVL 1

Expert Comment

by:plasmatek
ID: 6228284
I'm obviously slightly biased on this subject but checkout our website @ www.plasmateksoftware.com

Definitely ensure that you have the latest service pack (2) installed, and security fixes from MS technet (www.microsoft.com/technet).

There are other simple things like ensuring your windows file sharing is disabled (or at least not bound to your internet adaptor)
0
 
LVL 5

Accepted Solution

by:
dcgames earned 20 total points
ID: 6228385
Definitely keep all the latest security fixes installed and check weekly to see if new ones come out.

I would close down any and all ports not explicitly needed for your web hosting. For example:

If you do e-mail, port 25 (inbound) and 110 (pop3 retrieval of e-mail)

If you do http/web pages, then 80 (http) and 443 (SSL)

I would also look at some cheap software firewalls, such as BlackICE Defender from Network ICE. They do a great job for a low, low, price.

Invest also in at least a one-time full scan of your web site (once you have semi-secured it).

There are many web sites on the internet that will do a full scan and try to identify vulnerabilities. Most will do a one-time reduced scan for like $10-$20 but there are some that have "small business" deals for under $100 that will let you scan again and again until you get it right.

Dave
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 7

Expert Comment

by:franka
ID: 6228397
one very simple and very important advice to prevent even futire hacks is to

- have the inetpub on a different partition than the system
- disable every unneeded services
- delete unneeded (Isapi) mappings


here are also several checklists:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools.asp
0
 
LVL 1

Expert Comment

by:nrajan
ID: 6229194
I agree with Dave's suggestion to buy a firewall S/W. That way you don't have to re-invent the wheel.

Also you must setup file audits on your critical folders and also setup alerts so that you will be warned if there is any unauthorized access.

0
 
LVL 10

Expert Comment

by:DSPoole
ID: 6229649
First thing you should do is DUMP IIS - that thing is hackable NOT because of a lack of a firewall but because it is FULL of bugs (buffer overflows, etc.) that allow hackers in.  No firewall in the world can protect you from cases like that.  Microsoft also will take up to 30 days to issue a patch (IF they issue a patch) for the latest security breach in IIS.

Take a look at attrition.org - you'll see that a majority of the new exploits in IIS are on IIS 5.0

Get a secure web server such as Apache.
0
 

Author Comment

by:iyiola
ID: 6300352
Thanks to all.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Changing MS Windows 2003 Server product key 6 322
Update a root certificate 8 623
no logon server available 8 155
Referencing a mapped drive 6 124
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
We have come a long way with backup and data protection — from backing up to floppies, external drives, CDs, Blu-ray, flash drives, SSD drives, and now to the cloud.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now