Securing windows 2003 std server after compromise
Posted on 2006-03-20
Okay, after spending a week or so of trying to track down weird problems with ms-sql-s, among other things, i noticed one of my phpbb has been hacked by some nice fella named Bela *mutters*
I dont think it warrants doing a nuke and pave of the server, but since i only have a few clients, who probably would not notice if the server went down for a few hours, i've decided since im having other problems i might as well go ahead and do it just to be on the safe side.
now my question is this, since the server is hosted on a well known dedicated/virtual/colocation datasite, all on the same domain (secureservers.net) it is constantly scanned by script kiddies looking for vulns, so i would need to be very quick in updating/securing it.
What updates and security fixes should i prioritize, besides windowsupdate.
also since im on a very tight budget, if anyone could suggest a free/cheap software firewall that i could use ?
been hesitant to set one up since it is a remote server, dont really want to install one and suddenly find i cant log into the server :D
also, been currently using AVG free anti virus scan, cheesy i know, but like i said tiny tiny tiny budget :D any suggestions on an AV software would be appreciated as well.