Solved

Hacking Issue

Posted on 2013-11-27
5
189 Views
Last Modified: 2013-11-27
I have an application server/webserver in a DMS with a public IP address.  Someone is trying to hack my public IP and locking out accounts.  Is there any way I can either block the IP's or block the port from the windows Server 2003 box?  this doesn't run IIS it's tomcat and it's a clustered environment
0
Comment
Question by:WellingtonIS
  • 3
  • 2
5 Comments
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39681357
There are several ways to address this, the most effective would be to block the IP address at your hardware firewall.
0
 

Author Comment

by:WellingtonIS
ID: 39681361
Yes that's what I though we are going to have to put one in front of it in the DMZ
0
 
LVL 14

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 500 total points
ID: 39681367
Yes, in the meantime you could try to contact your ISP to see if they have blocking capability further down the line.  You could also enable a software firewall on your webserver and block from there.

Tomcat supports remote address filters as well.

These are not the ideal solutions ( let your webserver be dedicated to being a web server, and not a firewall, database server, etc.), but will get you by in the meantime.

When you do get a firewall, best practice when creating a DMZ, would be to have the DMZ reside on an isolated private network.  You'd then create port address translations ( 80/TCP, 443/TCP ) from the public-side to the DMZ.  If you need to access the site internally, you could also create PATs from the private-side to the DMZ.

Taking things a step further, consider placing a web application firewall ( WAF ) in front on the webserver in the DMZ.  You could also place a reverse proxy in front of the WAF.  If you have a database backend, you could utilize database activity monitoring (DAM) between the webserver and the database server.
0
 

Author Closing Comment

by:WellingtonIS
ID: 39681433
I'm going to put a firewall in front of the server to stop this. thanks for the suggestions
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39681456
Great!  Your welcome.  Here's a quick diagram to illustrate my recommended approach.

defense in depth
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Learn about cloud computing and its benefits for small business owners.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now