Hi Guys,
I have just taken delivery of a shiny Windows 2K3 server from a2b2.com and wanted to secure it so that only remote desktop and port number 3306 from certan IP address are allowed to connect to it. I would also like to have NO outgoing connections allowed at all.
My question is are there any companies that you would recomend to do this?
Many Thanks
PaulThis seems like a small job if RDP is the only thing that you are looking at. Are you looking at further securing your server and monitoring it 24x7 or just the task that you mentioned?email me with additional details <!-- e --><a href="mailto
[email protected]">[email protected]</a><!-- e -->
This is easy to setup. You can firewall all ports except for RDP and mysql and then enable access to those ports from trusted IP addresses using the Windows Local Security Policy.yeah i would recommend u look in to windows firewall .. or zonealarm...Windows Firewall is too basic. ZoneAlarm is good. Another option I recommend is Visnetic Firewall from Deerfield. Nice application layer filtering options.
Whatever you install make sure that you do not lock yourself out by blocking the RDP port.i have used windows firewall... and i think its not as basic and unsecure as u think.. u can compare it with some good firewalls out there.... the basic function of a firewall is to block ports and i think its doing tht fine enoughI would not agree that the basic function of a firewall is to block ports. Ideally you should always have a perimeter firewall which blocks ports and another set which filters traffic.
The perimeter firewall would work at the Network Layer while the Application Firewall would work at the Application Layer. This way you can seure your servers at the best level.
If you are not looking at investing a lot in to all this, then the best bet is to enable Windows Basic Firewall for port blocking and then lock-down IIS. I would still recommend installing a application layer firewall. It's worth the investment.Hello PaulStuffins,Windows default firewall is very basic and do not have usefull functionality.You can either use hardware firewall for your servers.I am working as a Windows System Administrator from last 3 years.If you set up/configure your server with proper security, with continuous monitoring then belive me you do not need to worry about the security holes.We have some customized tools to secure and monitor server, real time cpu load, memory load, number of connections to server,SYN attack, DOS attack....There are many ways using which you can completely secure servers, which a regular task of my duty hours.Belive me ocne you set up your server properly you will not have to worry about it for a long time.I am working as SysAdmin for more that 1000 servers.<snip>Cheers.Please note that, by default all the ports are open on windows server. You need to block them as per your requirements.you can block the ports in default firewall as well as from any external firewall.Hi Guys,
I have just taken delivery of a shiny Windows 2K3 server from a2b2.com and wanted to secure it so that only remote desktop and port number 3306 from certan IP address are allowed to connect to it. I would also like to have NO outgoing connections allowed at all.
My question is are there any companies that you would recomend to do this?
Many Thanks
Paul
I'd recommend checking out got-management.com. I've heard good things about their Windows management services.Yep, contact Jon from got-management.com. You could do this yourself but if you want some help, they are the guys to go to.Anyone cheaper than got-management.com ?have u tried cheap managed hosting company keyword in google ?Hi Guys,
Thanks for all your replys but the os has been changed to Ubuntu. Thanks again for the sugestions I will keep them in mind for future if I need any Windows management.
PaulUbuntu seems like an odd choice as a server OS, any reason you chose it?Hi Jeff,
I have been informed that Ubuntu would be best for my needs. Running just MySQL on the server.
Paulcontrary to the opinions expressed here, the windows server packet filtering is more than up to the job. figure as well that as a native capability, it is better integrated into the network stack than any third party offering could ever be.
the trick of course is to know packet filtering absolutely cold.
I have just taken delivery of a shiny Windows 2K3 server from a2b2.com and wanted to secure it so that only remote desktop and port number 3306 from certan IP address are allowed to connect to it. I would also like to have NO outgoing connections allowed at all.
My question is are there any companies that you would recomend to do this?
Many Thanks
PaulThis seems like a small job if RDP is the only thing that you are looking at. Are you looking at further securing your server and monitoring it 24x7 or just the task that you mentioned?email me with additional details <!-- e --><a href="mailto
[email protected]">[email protected]</a><!-- e -->This is easy to setup. You can firewall all ports except for RDP and mysql and then enable access to those ports from trusted IP addresses using the Windows Local Security Policy.yeah i would recommend u look in to windows firewall .. or zonealarm...Windows Firewall is too basic. ZoneAlarm is good. Another option I recommend is Visnetic Firewall from Deerfield. Nice application layer filtering options.
Whatever you install make sure that you do not lock yourself out by blocking the RDP port.i have used windows firewall... and i think its not as basic and unsecure as u think.. u can compare it with some good firewalls out there.... the basic function of a firewall is to block ports and i think its doing tht fine enoughI would not agree that the basic function of a firewall is to block ports. Ideally you should always have a perimeter firewall which blocks ports and another set which filters traffic.
The perimeter firewall would work at the Network Layer while the Application Firewall would work at the Application Layer. This way you can seure your servers at the best level.
If you are not looking at investing a lot in to all this, then the best bet is to enable Windows Basic Firewall for port blocking and then lock-down IIS. I would still recommend installing a application layer firewall. It's worth the investment.Hello PaulStuffins,Windows default firewall is very basic and do not have usefull functionality.You can either use hardware firewall for your servers.I am working as a Windows System Administrator from last 3 years.If you set up/configure your server with proper security, with continuous monitoring then belive me you do not need to worry about the security holes.We have some customized tools to secure and monitor server, real time cpu load, memory load, number of connections to server,SYN attack, DOS attack....There are many ways using which you can completely secure servers, which a regular task of my duty hours.Belive me ocne you set up your server properly you will not have to worry about it for a long time.I am working as SysAdmin for more that 1000 servers.<snip>Cheers.Please note that, by default all the ports are open on windows server. You need to block them as per your requirements.you can block the ports in default firewall as well as from any external firewall.Hi Guys,
I have just taken delivery of a shiny Windows 2K3 server from a2b2.com and wanted to secure it so that only remote desktop and port number 3306 from certan IP address are allowed to connect to it. I would also like to have NO outgoing connections allowed at all.
My question is are there any companies that you would recomend to do this?
Many Thanks
Paul
I'd recommend checking out got-management.com. I've heard good things about their Windows management services.Yep, contact Jon from got-management.com. You could do this yourself but if you want some help, they are the guys to go to.Anyone cheaper than got-management.com ?have u tried cheap managed hosting company keyword in google ?Hi Guys,
Thanks for all your replys but the os has been changed to Ubuntu. Thanks again for the sugestions I will keep them in mind for future if I need any Windows management.
PaulUbuntu seems like an odd choice as a server OS, any reason you chose it?Hi Jeff,
I have been informed that Ubuntu would be best for my needs. Running just MySQL on the server.
Paulcontrary to the opinions expressed here, the windows server packet filtering is more than up to the job. figure as well that as a native capability, it is better integrated into the network stack than any third party offering could ever be.
the trick of course is to know packet filtering absolutely cold.