Solved

Hacking Issue

Posted on 2013-11-27
5
188 Views
Last Modified: 2013-11-27
I have an application server/webserver in a DMS with a public IP address.  Someone is trying to hack my public IP and locking out accounts.  Is there any way I can either block the IP's or block the port from the windows Server 2003 box?  this doesn't run IIS it's tomcat and it's a clustered environment
0
Comment
Question by:WellingtonIS
  • 3
  • 2
5 Comments
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39681357
There are several ways to address this, the most effective would be to block the IP address at your hardware firewall.
0
 

Author Comment

by:WellingtonIS
ID: 39681361
Yes that's what I though we are going to have to put one in front of it in the DMZ
0
 
LVL 14

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 500 total points
ID: 39681367
Yes, in the meantime you could try to contact your ISP to see if they have blocking capability further down the line.  You could also enable a software firewall on your webserver and block from there.

Tomcat supports remote address filters as well.

These are not the ideal solutions ( let your webserver be dedicated to being a web server, and not a firewall, database server, etc.), but will get you by in the meantime.

When you do get a firewall, best practice when creating a DMZ, would be to have the DMZ reside on an isolated private network.  You'd then create port address translations ( 80/TCP, 443/TCP ) from the public-side to the DMZ.  If you need to access the site internally, you could also create PATs from the private-side to the DMZ.

Taking things a step further, consider placing a web application firewall ( WAF ) in front on the webserver in the DMZ.  You could also place a reverse proxy in front of the WAF.  If you have a database backend, you could utilize database activity monitoring (DAM) between the webserver and the database server.
0
 

Author Closing Comment

by:WellingtonIS
ID: 39681433
I'm going to put a firewall in front of the server to stop this. thanks for the suggestions
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39681456
Great!  Your welcome.  Here's a quick diagram to illustrate my recommended approach.

defense in depth
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now