[Dshield] Locking down NT4 Server

pop.ntlworld.com lazerfx at ntlworld.com
Mon Oct 1 15:26:05 GMT 2001


I have to admit I've never actually done anything like this, but I'd find
out the IP address of your web server (I assume it has a static IP address)
and set the machine to *ONLY* send/receive traffic to/from this IP address.
Install a 'personal' firewall on the machine, Tiny Personal Firewall
(http://www.tinysoftware.com/pwall.php) is probably best in this instance,
and block all traffic from anything other than the target server.

Also, make sure you are constantly installing the updates, critical updates,
patches, service releases etc. - if possible before connecting to the outside
world (or the network, if possible). If you can burn all the updates etc. to a
CD and then install from there, so the machine is 'bullet proof' (or at least
circumstantial evidence - MS is never proof :P), it would make your life
easier.

Anyway, that's my $2,733.43 (Inflation) worth.  I'm sure others will have
more :)

Peter Street
Web Developer
LazerFX Productions
www.lazerfx.co.uk (Under Development - I know you can't see it, but it is.
Honestly.  Yes!)

-----Original Message-----
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org]On
Behalf Of George Lemos
Sent: 01 October 2001 14:59
To: DSHIED
Subject: [Dshield] Locking down NT4 Server



I have an NT4 sp6a SRP server on the public side of my
network. It's strictly a machine that uses back up exec
software to back up my web server which is also on the
outside. It has no IIS, it's just used for backups.

I'm looking to lock it down so that it does not accept
traffic on any ports except the ports it needs in
order to back up the other machines on the public
side.

For those of you that might have done this
successfully in the past, any pitfalls or details to
look out for? I'm looking in the manual and it lists
the ports that it uses so I may just jump right into
it from there.

Any suggestions on port filtering like what I'm
mentioning would be greatly appreciated.

Thanks!


