server 2003 firewall

Discussion in 'other firewalls' started by ojl66, Mar 8, 2006.

Thread Status:
Not open for further replies.
  1. ojl66

    ojl66 Registered Member

    Joined:
    Mar 8, 2006
    Posts:
    1
    Hi,
    I'm installing an IIS webserver on server 2003.
    (standalone server is placed in datacentre, remote access is therefore needed)
    what is a good firewall to use?
    I tried Sygate firewall pro but the interface isn't working with remote desktop
    any suggestions?
    Thanks
    otto
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hello,
    My bro is running IIS with Sygate, I'll ask him.
    Mrk
     
  3. PikeDude66

    PikeDude66 Registered Member

    Joined:
    Mar 19, 2006
    Posts:
    4
    Hello,

    Didn't know if I should revive this post or start a new one, since I'm in the same boat as ojl66, it would be nice if we both got to see the suggestions. Apologies if this should have been a new thread.

    I'm kind of interested in this answer as well. What would you recommend as a good firewall for Windows Server 2003? I can't really afford the bigger firewalls (probably could not even configure it correctly) but I don't mind spending a few dollars for a firewall that works well with Windows Server 2003.

    I tried some of the personal firewalls that are available, but they just seem not to work as well as on the Windows XP machines. I have a small web server and a small mail server on this machine that I would like protected but it doesn't get many visitors in a day, so I don't really feel the need for a firewall that is on the heavy traffic servers.

    Right now I have the firewall that came with Server 2003 sp1, don't know if that is enough, what do you think? I would like some application control if that is possible but I guess the server is not really used as a work station, so nothing really gets downloaded on it unless I download it on the XP machines and scan them there.

    My setup is as follows: Windows Server 2003 Standard sp1, Nod32 Administrator version, Router LinkSYS, Server 2003 sp1 firewall activated with the following services activated; web, ftp, mail.

    Thanks for any and all replies.
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    If you are not subject to heavy traffic, are you seeing anything suspicious or of concern at all in the logs?

    That should afford you good basic protection. It is just as important to make sure your web, ftp and mail servers are up to date with patches and configured securely. You are permitting traffic to them anyways, so they are what may be subject to exploit attempts.

    Regards,

    CrazyM
     
  6. PikeDude66

    PikeDude66 Registered Member

    Joined:
    Mar 19, 2006
    Posts:
    4
    Thanks for the info, I'm now trying a few that WSFuser suggested in vmware to see how it goes.
    I kind of like and feel comfortable with Net Firewall, anyone know if this firewall is any good? Haven't heard anything on it.

    CrazyM, I'm not seeing anything in the logs that is causing me any concern, at the moment, just want to prevent and protect it as best as possible. The software is always current with all the latest patches and updates.

    Thanks
     
  7. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    If you're going to be in a data center, with a public IP, I'd want to be behind a hardware firewall. A decent SOHO or higher grade NAT router, that can handle lots of concurrent connections...a home grade router won't do well under those loads, not designed for it.
     
  8. beads

    beads Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    49
    If you are large enough to have a "data center" already, shouldn't you likewise have a good hardened FW as well? Even a very basic 1U Cisco 501 should cost less than $500.00 and isn't THAT difficult to install by any means.

    Other lower end/smaller featured firewalls that are very easy to install:

    SonicWall
    http://www.cdw.com/shop/products/default.aspx?ProductID=534677

    WatchGuard: http://www.cdw.com/shop/products/default.aspx?ProductID=404686

    Both very reasonable.

    The other thing to look at would be your router settings. Many routers have some kind of basic firewalling and/or Ingress/Egress filtering for common attacks like port 137, 138, 139 and 445. Eliminating those while leaving 3389 (remote access protocol) from specific (static address(es)) will go a long way to protecting IIS. Just be sure to set the ACLs to include both source and destination of the above ports. That will generally drop about 80% of your junk traffic alone depending on the name of the website. Websites with names like: Allmywildestdreamscometrue.com are more likely to be attacked than say: Steveshorseshoecollection.com. You get the idea, or at least I hope you do - lol.

    Enjoy!

    - beads :blink:
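
The router filtering described in the post above, modelled as a first-match ingress rule set. This is an added example, not part of the original post. The server and admin addresses are constructed documentation-range placeholders, the published ports (web, ftp, mail) are assumed from the setup mentioned earlier in the thread, and "both source and destination" is read here as matching the port on either side of the packet.

```python
import ipaddress
from dataclasses import dataclass

# Constructed values: documentation-range addresses stand in for real ones.
SERVER = ipaddress.ip_address("203.0.113.10")
ADMIN_SOURCES = [ipaddress.ip_network("198.51.100.25/32")]  # static admin address(es)
NETBIOS_SMB = {137, 138, 139, 445}
PUBLISHED = {("tcp", 80), ("tcp", 21), ("tcp", 25)}  # web, ftp control, mail

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def ingress_verdict(p: Packet) -> str:
    """First-match evaluation of one inbound packet; anything unmatched is dropped."""
    # Rule 1: NetBIOS/SMB ports, matched as source OR destination port.
    if p.sport in NETBIOS_SMB or p.dport in NETBIOS_SMB:
        return "drop:netbios-smb"
    if ipaddress.ip_address(p.dst) != SERVER:
        return "drop:default"
    # Rule 2: 3389 only from the listed static addresses.
    if p.proto == "tcp" and p.dport == 3389:
        src = ipaddress.ip_address(p.src)
        if any(src in net for net in ADMIN_SOURCES):
            return "allow:rdp-admin"
        return "drop:rdp-unlisted-source"
    # Rule 3: the services the server publishes on purpose.
    if (p.proto, p.dport) in PUBLISHED:
        return "allow:published-service"
    return "drop:default"

# Constructed sample traffic.
SAMPLES = [
    Packet("tcp", "192.0.2.77", 40112, "203.0.113.10", 445),
    Packet("udp", "192.0.2.77", 137, "203.0.113.10", 137),
    Packet("tcp", "198.51.100.25", 51000, "203.0.113.10", 3389),
    Packet("tcp", "192.0.2.77", 51001, "203.0.113.10", 3389),
    Packet("tcp", "192.0.2.77", 51002, "203.0.113.10", 80),
    Packet("tcp", "192.0.2.77", 51003, "203.0.113.10", 1433),
]

def evaluate_samples():
    return [ingress_verdict(p) for p in SAMPLES]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLES, evaluate_samples()):
        print(f"{pkt.proto} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  {verdict}")
```

The model is stateless and covers only the FTP control port; a real router rule set also needs to account for return traffic and FTP data connections.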
     
  9. PikeDude66

    PikeDude66 Registered Member

    Joined:
    Mar 19, 2006
    Posts:
    4
    Hello all and thanks for the tips, but where is everyone getting that I have a "data center"? I have a simple home server with a simple mail and ftp server that I would like to protect.

    Trialing the Net Firewall right now and seems to be a good packet filter firewall.
     
  10. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    it was the original poster who had mentioned a datacenter. btw im glad net firewall is working for u.
     
  11. PikeDude66

    PikeDude66 Registered Member

    Joined:
    Mar 19, 2006
    Posts:
    4
    ooops, my bad :oops: Thanks for pointing that out WSFuser. For now Net Firewall is really what I was looking for, might just install it on the main server instead of leaving it on the virtual server.
     