How to protect a File Server (Windows Server 2003) from external attacks
Posted on 2010-04-10
We are planning to rent a remote dedicated server (Win2k3) outside our office because we need more bandwith. It will be used as a file server to store PDF files.
This server will not be in any Active Directory or Internet domain. PDF files will be accessible through web browser to everybody interested to read them. To open them, users will use a web application hosted in a different IIS Web Server. Web application will open the PDF file that is stored in remote Win2K3 server.
What basic considerations should I implement to protect this server from attacks and how to protect my PDF files to not be changed or deleted by hackers.
I am aware of basic implementations:
- Disable the main admin account and create a new admin account with a random name.
- Some guys don't recommend software firewall on a Win2k3 box as it will create problems on server
- Instead, put a router or hardware firewall in front of the Windows Server for handling Internet traffic
Since my Win2K3 will be a remote dedicated server, I suppose that the hosting company should assure me that they put some firewall in front of my server. Are they responsible for this security level?
And for my PDF files, what should I do? It will be fair enough to check them as Read-Only?