Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to keep a server safe?

Status
Not open for further replies.
Rizzler

Rizzler

Technical User
Feb 9, 2006
43
SE
ok, first some people may laugh! :) got ahead, get it out! ;) then read on.

so, im running a webserver with windows server 2003, what should i do to actully keep it safe. somepeople say "install a n antivirus and then ur 100% safe. but im not that stupid, i understand that that is NOT safe.

ant suggestions on what i should to on the server to make it safer ?
 
Sort by date Sort by votes
Unplug it, put it in a closet then seal the door with cement.

Other than that a router which NATs to the server. A firewall that has only the minimum number of ports open (for a web site port 80 only). An anti-virus program. Only installing needed software. Stay current on security patches. Stop any nonused services. Disable any nonused parts of IIS.

Denny
MCSA (2003) / MCDBA (SQL 2000) / MCTS (SQL 2005) / MCITP Database Administrator (SQL 2005)

--Anything is possible. All it takes is a little research. (Me)
[noevil]
 
Upvote 0 Downvote
Rizzler,

Mrdenny is right. The only way to be 100% safe is to pull your server off any network and lock it away. I like to think of "hardening" my systems as opposed to "making them safe." Think of "hardening" as making your systems more difficult to exploit (with the techniques that mrdenny provided doing this exactly).

[purple]
SnoopFrogg
MCSE - Windows Server 2003
[/purple]
 
Upvote 0 Downvote
yes :) i understand also that 100% is impossible, but as i said i wanna make it safer then the default installation hehe! but yes as you say snoopfrogg, "hardening" would be a bether word to use. :) im running antivirus and zoneallarm right now. is that a good firewall program or do you have any suggestions?
 
Upvote 0 Downvote
Regarding firewalls, I would get a hardware firewall like a Cisco PIX, SonicWall, or other appliance.

[purple]
SnoopFrogg
MCSE - Windows Server 2003
[/purple]
 
Upvote 0 Downvote
Put it behind a firewall, keep it updated, keep it in good shape (defrag, hd space, etc), dont have any open shares and you should be fine. If the server is setup properly there should never be any files put on it other then the ones you product. If you want scan it every so often with an online virus scanner, etc.

 
Upvote 0 Downvote
Also you may want to consider as an added layer installing a host based intrusion detection software package which will check for incoming threats that firewalls cannot usually pick up on at the application layer. Hope this helps.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
236
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
292
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
347
suncit
suncit
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
305
DrB0b
DrB0b
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
242
antonio_dsanchez
antonio_dsanchez

Part and Inventory Search

Sponsor

Back
Top