Q: I am in the process of planning and designing a website for my small business. I have some experience with web design, and since the site is strictly informational it will not be too complicated (10 pages deep max). I am sure I will not have too much trouble in that respect. Here is my question: how unsafe is a W2K server? I know Linux/Apache is the most secure platform to run a website, but frankly, when it comes to *nix, I do not know it and (after some research) I really have no time to find out.
As my plans do not include any kind of web-based commerce and will not use a database (strictly ad), I'm not worried about any type of data theft. I just do not want to be hacked, forged or used to distribute trojans. I did get a “coming soon” page up and running using IIS 5 with no experience, so I assume that if it is so easy to get out, it is not too difficult to break in.
Any advice would be appreciated.
Best Answer: You should have studied.
Re: Hey I threw my bone out already:)…to be honest if I tried to answer every question here I would never get any work done…I think part of learning is finding the info for yourself…I hate people that post here wanting us admins to tell them word for word what to do…I hate that so much!!!!…I don't mind guiding someone a little once in a while but not all the time…how do you think most of us admins here learned what we know…I personally learned by teaching myself…I surf the net…read books…attend seminars…test stuff in my test lab…etc…every day I'm still learning new stuff…that's just part of the process…we gave you a direction to go in…even some links to look at…now it's your job to teach yourself the rest like we do…by the way I didn't mean to pick on you guy directly…you had a good question and got some good responses…I'm just ranting about some of the other people on the board:)
Re: guy is right, isolate those suckers, compartmentalize your network intelligently
thanks for the followup…hey how about a sys/network admin FAQ here in the Networking forum…it'd be a great learning tool for us networking wannabes. Stuff like "securing your servers" "bricking exchange boxes" etc. C'mon admins…help us learn, take us under your wings, throw us a bone…you get the picture. A new thread on the topic would be awesome.
Re: Thanks all for your advice. Nick, I responded to your post in the OS Forum…thanks again.
Re: IIS can be just as secure as anything else out there.
Just make sure to run hfnetchk.exe from Microsoft to be sure all your patches and hotfixes are current BEFORE you connect the server to the internet! Then run the IIS lockdown tool. You can do that before connecting to the internet, too.
If you connect an unpatched IIS server to the internet you can be infected with the Nimda or Code Red viruses within hours – and you would never know the difference until you start finding *.eml files all over your server, or someone contacts your ISP to complain about you.
Re: I've replied to this in the OS forum where it was cross-posted. Please see OS Forum link (http://{$MySite}/messageview.cfm?catid=34&threadid=816843)
Re: I run IIS 5.0 at my job and it is fine…you just need to make sure that you set it up properly…I would suggest that you use the IIS lockdown wizard to further secure your setup…the link for it is below
IIS Lockdown Wizard (http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/locktool.asp)
Oh and one more thing…make sure this web server is not on a mission critical box…such as a Domain Controller or File Server…always isolate your web servers!