Gemini532

asked on

increase security for the firewall

I need advice on how to increase security for the firewall...
Right now all the ports are closed except two of them because the internet application needs to reach the database to update the information in the database.
If someone were to compromise the web server, they could easily get to all the databases located on the server which can be accessed from the internet in order for the code to update the databases.  I need to find a way to lock this down, and still have the application connect to the database.
Is there a way?  If not, is there a way to increase security?
Is there a way to hide which ports are open from hackers?
masnrock

I suppose if they were on two different internal subnets that had traffic between them channel through the firewall... but even that won't solve what you're trying to do.

Any ports open would be visible by anyone who is within an arm's length of that server. One thing you could do is have the database server drop any ICMP traffic via something like a software firewall. That would prevent things like pings. Maybe you should look at better securing each server... for example, using IISLockdown on the web server (assuming it runs Windows and IIS on it).

However, anything that's left open to the world will always have a shot at being exploited... hence why you try to open up as little as possible. And you'll also want to make sure anything that doesn't need to be accessed by the outside is behind as much protection as possible.
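
The software-firewall idea from the reply above, written out as an added example that is not part of the original thread. It assumes the database server runs Windows with the built-in firewall, that the database listens on TCP 1433, and that the web server's address is 10.0.1.10; the rule names, port and address are placeholders.

```powershell
# Added example, run in an elevated PowerShell session on the database server.
# Assumptions (not from the thread): Windows built-in firewall, database on
# TCP 1433, web server at 10.0.1.10. Rule names are hypothetical.
param(
    [string]$WebServerAddress = '10.0.1.10',  # placeholder address
    [int]$DbPort = 1433                       # assumed database port
)

# Inbound traffic that matches no allow rule is blocked. This is the Windows
# default; it is set explicitly here so the rules below are the only openings.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# Drop inbound ICMPv4 echo requests (pings). Block rules take precedence over
# allow rules in Windows Firewall.
New-NetFirewallRule -DisplayName 'DB - block inbound ping' `
    -Direction Inbound -Protocol ICMPv4 -IcmpType 8 -Action Block

# Accept connections to the database port only from the web server's address.
New-NetFirewallRule -DisplayName 'DB - allow web server only' `
    -Direction Inbound -Protocol TCP -LocalPort $DbPort `
    -RemoteAddress $WebServerAddress -Action Allow

# Review step: list other enabled allow rules that name the database port and
# accept any source address, since they would defeat the scoped rule above.
# Rules whose local port is 'Any' are not matched by this filter.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        $ports  = ($_ | Get-NetFirewallPortFilter).LocalPort
        $remote = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        ($ports -contains "$DbPort") -and ($remote -contains 'Any')
    } |
    Select-Object DisplayName, Profile
```

Any rule the last command prints should be disabled or scoped to the web server's address before the port can be considered restricted.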