twallstr
asked on
Configuration of a WEb server and security issues
I need some help in regards to setting up a web server and the security issues related to that. The plan is;
*The web server will be placed in a DMZ.
*It will only provide viewable information, meaning that users from the outside will not be able to write to it or download anything; only view the web page with information on it.
*It will be administered from the local network probably via SSL.
My questions are;
* Which services/protocols are abslolutely necesary for the server to function as described(I want to turn off/block everything not necessary).
* Is there a need for Anti-virus software on the server? My reasoning being that since nobody but a few authorized personal should have access to the server viruses should not be a concern or?
Thank you in advance
twallstr
*The web server will be placed in a DMZ.
*It will only provide viewable information, meaning that users from the outside will not be able to write to it or download anything; only view the web page with information on it.
*It will be administered from the local network probably via SSL.
My questions are;
* Which services/protocols are abslolutely necesary for the server to function as described(I want to turn off/block everything not necessary).
* Is there a need for Anti-virus software on the server? My reasoning being that since nobody but a few authorized personal should have access to the server viruses should not be a concern or?
Thank you in advance
twallstr
ASKER
diggidaur
Thanks for your answer but ..does it really matter which server I will use? I really don't trust that the vendor (Microsoft) will lock down the server sufficently. I feel it's better to know what to run and check things myself.
But if it does matter I was thinking of using the Web edition 2003 :-)
twallstr
Thanks for your answer but ..does it really matter which server I will use? I really don't trust that the vendor (Microsoft) will lock down the server sufficently. I feel it's better to know what to run and check things myself.
But if it does matter I was thinking of using the Web edition 2003 :-)
twallstr
well, you of course need 80 and 443 access to your server on the DMZ... 80 to the internet and 443 to your local network to administer it. you also need to set up an SSL cert on it. you need to set your file permissions to allow read-only access to your directories. as far as AV goes, be safe. put AV protection on it. it's much better to have a secured system (at a low price to you) than to have an infected web server.
i'm not sure if this is what all you're looking for...
justintx
i'm not sure if this is what all you're looking for...
justintx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If its a new server I would highly recommend Windows 2003 Server as it is very locked down and most services come now preconfigured as stopped and disabled.
The Web Edition of the server 2003 OS might be the most advantageous for you....
http://www.microsoft.com/windowsserver2003/evaluation/overview/web.mspx