WingYip
asked on
Am I secure
I run a Windows 2003 server at home with Exchange 2003.
I have opened the following ports on the firewall 25, 80, 443, 1723 to allow smtp, Outlook Web Access, and a VPN.
I do not have an SSL certificate or any other type of encryption enabled.
To connect to OWA we require a strong password that is all. This in itself I understand is supposed to be insecure.
However, on the router there is a facility that allows MAC address filtering which means that only machines with a specific IP address can get past the router and on to the local network.
Does this mean that my domain is secure from potential intruders?
Wing
I have opened the following ports on the firewall 25, 80, 443, 1723 to allow smtp, Outlook Web Access, and a VPN.
I do not have an SSL certificate or any other type of encryption enabled.
To connect to OWA we require a strong password that is all. This in itself I understand is supposed to be insecure.
However, on the router there is a facility that allows MAC address filtering which means that only machines with a specific IP address can get past the router and on to the local network.
Does this mean that my domain is secure from potential intruders?
Wing
ASKER
Why is specific IP more secure than mac address filtering?
Well I didn't say it was more secure...just a different way.
You can filter by mac address to add an additional layer that would make things "more secure". But this is still not fool proof. MAC addresses as well as IPs can be spoofed.
You can filter by mac address to add an additional layer that would make things "more secure". But this is still not fool proof. MAC addresses as well as IPs can be spoofed.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Well in a quick answer, NO. Your domain is NEVER 100% secure from attack....no matter what firewall you use, what ports you block, etc.
If someone gets a virus and opens it and gets infected....then it is inside your network and can potentially move thru your network.
Viruses can open firewall ports even if you have them closed.
If the machines you want to allow thru the router have static ip addresses then you can specifiy by ip address to only allow those machines thru. This does make things "More secure"....but nothing is ever 100% secure unless you unplug it from the network and turn it off.