Solved

General Security Advice

Posted on 2004-04-19
5
204 Views
Last Modified: 2010-04-11
I have a 5 computer peer to peer network on XP pro. My ADSL internet connection reaches the network through ICS via one of the workstation computers. On this computer I also run IIS. What I want to do is place a client database within the www.root folder of this computer so that my clients can log on through ASP. Hence the IP address will need to be available to the internet without a fire wall. However I want to be able to isolate the other folders in the C drive of this computer and I want all the other computers on the network invisible to the internet. As the data does not contain highly sensitive information what is the best and simpliest approach
0
Comment
Question by:kempvet
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:bloemkool1980
Comment Utility
if you would put your IIS like that on the internet you will get hacked or suffer from DDOS. I would suggest adding at least a firewall and if possible an IDS and reverse proxy.
running IIS  and leaving everything widely open is asking for trouble!
0
 

Author Comment

by:kempvet
Comment Utility
Or to rephrase the question what is the best way to put the IIS on the internet. What is the best method to use where there are other computer on the network using ICS.
0
 
LVL 6

Expert Comment

by:bloemkool1980
Comment Utility
THe best way would be to remove all unneeded software from the IIS.
Remove all anonymous access.
remove file and print sharing
remove front page extensions if not needed
do not put your www root on to your c drive
only allow IIS to access its own files and none outside.
reduce the number of processes that can be called by IIS
0
 

Author Comment

by:kempvet
Comment Utility
bloemkool1980
with the ISP that I use we have a small database folder on their server, we are able to make this database folder a folder where none of the files can be downloaded, it is possible to do this on the IIS as well? But it all sounds a little complicated, are there any software programs that will wall everything but the IIS off from the internet traffic?
0
 
LVL 6

Accepted Solution

by:
bloemkool1980 earned 250 total points
Comment Utility
I suggest you install a firewall to ensure your IIS is walled off.
And if you can read a folder you can download it there is no way around that. If you can read a file nothing will prevent it from being saved to the harddisk. Infact if you read a webpage it is stored on your client machine in the webbrowser cache so.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now