Solved

Windows Server 2003 Security

Posted on 2004-10-07
4
162 Views
Last Modified: 2013-12-04
On windows server 2003, Ive ran into a few problems, first off, I was an idiot, setup a mail server, and did not secure it. That was stupid I know, Anyways, several unknown items happened...pretty much someone or someone(s) is using my mail server to send out spam...Ok, I went in a fixed it, so that wont happen any more, but after that little incident I started wondering how secure server 2003 really is. Im needing to know away to test every corner of my severs to see what exactly someone could do to it, if they happened to come accross. Open for any suggestions. Thanks.
0
Comment
Question by:miketech04
  • 2
  • 2
4 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12251149
Well what all is your server used for?  Do you have a firewall in place?  The most simple thing to do is ONLY open the ports that you absolutely have to.  IE  if it is a web server, only open port 80.  Are you NATing at all or does your server have a public IP address directly assigned to it?
0
 

Author Comment

by:miketech04
ID: 12253068
server1 - Only use DNS

server2 - Web server, dns2, ftp, and mail

Using a linksys router atm, no 100% hardware firewalls in place though...
0
 
LVL 25

Accepted Solution

by:
mikeleebrla earned 500 total points
ID: 12253120
if server 1 is used for EXTERNAL dns resolution (ie you host your own public DNS) then only port 53 needs to be open

server 2 needs ports 80, 20,21, and 25 open. again 53 but only if you host external dns on it.

if you are hosting secure email like outlook web access with ssl you will need port 443 open as well.
0
 

Author Comment

by:miketech04
ID: 12253135
Cool, Thank you for the info
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question