Re: Open port 80, security issues?




"Mr. Arnold" <MR. Arnold@xxxxxxxxxx> wrote in message
news:u2QMY72RIHA.4684@xxxxxxxxxxxxxxxxxxxxxxx

"Bjorn Sagbakken" <bjo-sag@xxxxxxxxx> wrote in message
news:UuGdnW5zUNYi6vba4p2dnAA@xxxxxxxxxxxxxx
Hi.

This might not be the right forum for my question, but still I throw it
out:

I have just succeeded in publishing my ASP.NET web application on my own
PC, opening port 80 in/out in my firewall, so now it is accessible from
the internet. It is running on IIS on WinXP.

So far I haven't experienced any problem, but are there actions I should
take to secure my PC against hackers, now that port 80 is open? Like
add-on s/w or other smart stuff?


1) Win XP is not a Web server platform, and you shouldn't be exposing a
workstation to the Internet. If you're going to do such a thing, then you
should be using Win 2k3 server, which is a Web server platform.

At the moment I am only testing, but I take your advice, so if the
application ends up more permanently I will set up a different machine with
Win 2k3.

2) If the O/S, file system, registry, user accounts, and IIS itself are
not secured/hardened to attack, then all you have is hack bait that can be
used as a jumping off point to attack other Web servers and other networks
over the Internet from your computer. There are entire books used by
professionals, and they can hardly secure the Win NT based O/S platform
facing the Internet.

Scary stuff, indeed. But of course, that was the reason I asked.

3) I'll assume you're talking about XP's firewall or some 3rd party
personal firewall. They are not firewalls. They are machine level packet
filters. A firewall separates two networks. It protects from the network
it's protecting from, usually the Internet, and it protects the network
it's protecting, the LAN. A firewall must have at least two interfaces.
One interface must face the WAN/Internet and the other interface must face
the LAN. In the case of a software firewall solution running on a secured
gateway host computer, the host computer will have at least two network
interface cards (NICs) with one facing the WAN and the other one facing
the LAN.

http://www.vicomsoft.com/knowledge/reference/firewalls1.html

The list is long as to what you should be doing that you don't have the
expertise to do.

I hate to be blunt about it, but I think you have put up hack bait that
has already been hacked, and you don't know about it.

Thanks for the information. I will also check with my company's IT personnel
about the best approach for securing a personal web server, like a host
computer or a recommended s/w firewall.

Bjorn

