So I have rebuilt that bombed server that I posted a thread about earlier this week. I have a new question that I think deserves a new thread.
If you are trying to run a server within an orginization that has no idea what it is doing as far as network security is concerned (assume worst case scenario), how can you protect yourself. More specifically, I have a machine that get's mild traffic/use file, print, FTP, and Web server. The server resides on a domain that is controlled by another office. It has a fixed IP address that is totally public and viewable to the outside world. It also resides behind a firewall that is not configured to restrict any traffic over ports.
I strongly believe that these things contributed to the machine getting compromised to begin with but the computing services staff refuse any guilt. Furthermore they will not give me any insight into any current security settings/protocol that may be in place at the top level (routers, firewalls, or whatever). So assuming the worst case scenario, what would you do to protect this necessary machine?
Install a software firewall maybe? Is it worth getting a router/firewall piece of hardware to do the job on my end? I can only assume that firewall software on a server is going to wreak havoc on the services.
I've already built the machine from the ground up and the settings are as tight as I can make them. It is a Win 2000 SP4 Server, the bastards won't even authorize my dept to buy a copy of Win2k3
If you are trying to run a server within an orginization that has no idea what it is doing as far as network security is concerned (assume worst case scenario), how can you protect yourself. More specifically, I have a machine that get's mild traffic/use file, print, FTP, and Web server. The server resides on a domain that is controlled by another office. It has a fixed IP address that is totally public and viewable to the outside world. It also resides behind a firewall that is not configured to restrict any traffic over ports.
I strongly believe that these things contributed to the machine getting compromised to begin with but the computing services staff refuse any guilt. Furthermore they will not give me any insight into any current security settings/protocol that may be in place at the top level (routers, firewalls, or whatever). So assuming the worst case scenario, what would you do to protect this necessary machine?
Install a software firewall maybe? Is it worth getting a router/firewall piece of hardware to do the job on my end? I can only assume that firewall software on a server is going to wreak havoc on the services.
I've already built the machine from the ground up and the settings are as tight as I can make them. It is a Win 2000 SP4 Server, the bastards won't even authorize my dept to buy a copy of Win2k3