The Planet Forums > Few questions about win2003/security

Full Version: Few questions about win2003/security

The Planet Forums > Security > General Security > Windows Security

altgamer

May 2 2005, 03:42 AM

Ok, i've got a P2800S TC server with Windows Server 2003 (purchased several months ago), and i'm wondering what the best ways to secure the server are. I don't really have the money for any hardware firewalls, books for help at this time or software, i'm on a bit of a fixed budget right now.

The main reason i'm making this post, is because the server has been crashing lately, and me and a bunch of my friends think its related to an IIS6.0 exploit, or attack via something like that.

I have been constantly updating the server for windows updates, and other stuff trying to keep it secure. But i'm just trying to make sure i'm doing stuff correctly and not leaving stuff open.

I'm also looking for a program/software so that I can block tcp/udp ports, without blocking RDP right after install.

If anybody can help or suggest anything i'd appriciate it, Thanks.

eddy2099

May 2 2005, 04:32 AM

Firstly, go to Orbit and request for a Vulnerability Scanning https://orbit.theplanet.com/nav_services/vs...scan_index.html . This should be free. if it is not enabled, contact support about it. This should tell you what is exploitable and what is not.

Server crashing can be caused by several reasons which would include :-

1) Hardware Failure
2) Misconfigured Scripts
3) Misconfigured Programs
4) Software which does not free memory after use
5) Insufficient Memory
6) Heavy Load which gives it the appearance of hanging
7) DoS attack or other exploits

Use Remote Desktop Connection (RDC) and go to Event Viewer (This is under the Administrative Tools tab) and check the Security tab to check if there is any illegal log in . Also check the Application tab to determine if there is any program crashing and the System tab for anything else.

If you have an Email Server, check the logs to see if there is any unusual number of emails going in or not.

Use the Task Manager (Ctrl+Alt+End) to see what the current CPU Load and Memory Usage is.

A Hardware Firewall is a great idea but like you said, the cost is a little high here. You could take a look at probably enabling IPSecs, you can use the pre-created profile at http://www.analogx.com/contents/articles/ipsec.htm . You need to open several ports for the IP Monitoring System to work.

At the same time, there are several Security Systems which you could use which are available here such as Ozone, it would deflect the common undesirable access to the server.

That should get you started somewhere.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.