Re: is Business Website through router forwading safe?
From: Michael Appelmans (mla_at_zitinko.com)
Date: 09/03/04
- Next message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: **HELP**how do I located and block outgoing traffic"
- Previous message: Kevin Weilbacher [SBS-MVP]: "Re: Network slowdown around lunchtime"
- In reply to: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: is Business Website through router forwading safe?"
- Next in thread: Marina Roos [SBS-MVP]: "Re: is Business Website through router forwading safe?"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 3 Sep 2004 18:24:29 -0400
Susan..
I didn't know that there is a free version of hfnetchk but now that you
mentioned it I found Shavlik's site and the free version! Thanks for
the heads up on this one.
The server is at my client's site and it's their responsibility to
secure the physical premises. Even I don't have a key. That way if
something goes missing they won't be knocking on my door.
Client's website is hosted on webhost4life. I don't have port 80 open on
router. I'm using https to permit access to Configuration Manager for
remote VPN setup and users will have strong passPHRASES. Once remote
clients are configured with VPN I can close HTTPS and just leave VPN
port open.
I'll find out if the server contains any SS# and notify my client about
their responsibility with regard to holder notification if the box
disappears.
Thanks much for taking the time to drag me into the present with regard
to security practices.
Michael
In article <uwLbCOXkEHA.3988@tk2msftngp13.phx.gbl>, sbradcpa@pacbell.net
says...
> Hun, if you can't afford patching tools, can you afford the risks?
>
> If you live in California like I do, have two pieces of info on your
> server [name and account/name and SS#] that could be used for identity
> theft and some unauthorized person[s] get access to my box I am REQUIRED
> to inform my clients.
>
> Price of notification of my clients
> Price of PR disaster
> Price of HfnetchkPro 25 seats $620.
>
> Which do you think I picked?
>
> Next I don't have port 80 even open. My firm's web site is on an
> outsourced web hoster. Do you HAVE to have your firm's web site on your
> own box.
>
> Risk analysis dear.
>
> What data do you have.
> What reasonable measures do you need to take to make your box secure?
>
> Microsoft Patch Management, Security Updates, and Downloads:
> http://www.microsoft.com/technet/security/topics/patch/default.mspx
> Microsoft TechNet Security - Product Security Notification:
> http://www.microsoft.com/technet/security/bulletin/notify.mspx
>
>
> Next you do realize that there is a free hfnetchkpro for 1 server and 10
> computers? You can't afford free to at least protect the server?
>
> Michael Appelmans wrote:
> > Thanks Susan. That's a lot to chew on. I had been relying on Windows
> > update for patches. hfnetchkpro looks like the cat's meow but if you
> > gotta ask how much it costs it probably isn't a solution for our very
> > small business environment. I will look into SUS which is now WUS (what
> > an acronym)?
> >
> > Also will subscribe to incidents.org. My users are gonna love me when I
> > force them to adopt strong passwords.. err passPHRASES as they go
> > remote. I had better find some more dice and hit DiceWords.com.
> >
> > Any links for security bulletins?
> >
> > Thanks for all the suggestions.
> >
> > Michael
> >
> >
> > In article <evJHOYSkEHA.4092@TK2MSFTNGP10.phx.gbl>, sbradcpa@pacbell.net
- Next message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: **HELP**how do I located and block outgoing traffic"
- Previous message: Kevin Weilbacher [SBS-MVP]: "Re: Network slowdown around lunchtime"
- In reply to: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: is Business Website through router forwading safe?"
- Next in thread: Marina Roos [SBS-MVP]: "Re: is Business Website through router forwading safe?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
