I have a web app that Ive written that sits on an IIS5 server with SQL2k. All known patches have been applied. I try and keep it up to date for security reasons.
Recently I put in a program called SecureIIS
and have SQL and IIS running on the same server. Now this web server has two ip addresses. I want to make security as tight as possible so no hackers can break in.
Any tips on how to harden SQL server or NT2k? I see on sqlsecurity.com they are saying to block access to TCP 1433 and UDP 1434 from all un-trusted clients. Any idea how to do this?