• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 294
  • Last Modified:

hotfixes for windows 2000 SP4

Hi All,

I would like to install a firewall on windows 2000 server.  I would like to know what are the patches that i should installed for a server running windows 2000 SP4.

The only application that i will use in the server is IE.  No others application (MS office) will be installed.

Thanks in advance.
2 Solutions
LucFEMEA Server EngineerCommented:
Hi eecw,

It's always recommended to install ALL patches. Mainly because of IIS running on the server by default (in which recently another security hole has been found which is being exploited at this moment) And, IE has the most patches of all programs in Win2k.
A better suggestion might be to use a completely different browser like Mozilla (http://www.mozilla.org)

About the firewall... it depends on what you need, a hardware firewall is always the best solution, you could combine it with an IDS. If you don't need that much protection and you just want a software firewall then there are a lot of options.


Lee W, MVPTechnology and Business Process AdvisorCommented:
2000 does not have a firewall built in or as an optional add-on from MS.  You'd like need ZoneAlarm Pro or a similar "Pro" product as most "home firewall" products will recognize server and won't install.
eecwAuthor Commented:
Hi LucF and leew,

I think i had not make my question clear.  I will install a firewall (example Checkpoint) on a server that is running Windows 2000  Server SP4.  And the only application i will use is IE, I will disable the ISS during the installation.

There are a lot of patches release by microsoft after the SP4.  I dont think it is sensible to install all the patches.  I only want to install those critical patches only.

Thank you
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

look for windows 2000 (Essential)
LucFEMEA Server EngineerCommented:

Although your logic is okey. New security holes will always be found, so the best option is to enable "automatic updates" in win2k. This will of course also install the patches for other things than IE, but at least you can be sure they're installed as soon as possible.
Another plus on this is that you can always enable for example IIS in case you want to start running a website in the future as all patches will be installed allready.

The patches are only there because they are needed. I strongly suggest you install ALL of them.
If your going to run checkpoint, then refer to checkpoint's FAQ's for any conflicts of patches / OS service pack levels.
If you were going to run ISA 2004, I grant you all patches should be installed.
Hope it helps.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now