Port Fowarding Security Issues
Posted on 2004-04-21
I have only allocated this question as 50 points because to experts this may be a very easy question.
If it proves otherwise I will up the points.
I am running an number applications on IIS on my server.
I want to access these applications from the internet.
I opened a port on my firewall, eg: 2770 and set my IIS to listen to that port.
When I connect to my server from home using the IP address and port no I can connect no problem.
I have also read a bit about setting up SSL on IIS and am fairly confident I can set it up on my server, using either a genuine cert or dummy/internal cert (Does not need to be trusted as only staff members will be accessing it)
So the plan as it stands is to create a main page in the IIS Home Directory Containing links to each application.
The security I plan to have is:
2. Log In/Cookies
3. IIS Configuration
But I am worried about opening up the port like this, are there any blatant security issues I am not taking into consideration here?