Hi All
I'm new to SBS so if any of my questions sound foolish, apologies !
I've just completed a site survey for a (potentially) new network customer. They have an SBS server there whi is escentially an "everything" server. However, I have a few questions about this:
1. The server has 2 NIC's, one connected to the LAN and one connected to the internet. I know that this is not uncommon for SBS servers, but I'm wondering in the real world if many companies actually do it this way ? It seems like a very risky game to me. Surely a proper dedicated corporate firewall with NAT would be the way to go
2. I've run a port scan against the public IP address of the server and found a whole lot of ports open (3389, 21, 25, 80, 443 etc etc). When configuring windows firewall on an SBS 2003 server, is it not possible to only open certain ports for certain NIC's ? Or when you open a port, is it then open for all NIC's (depending on the service configuration)
3. This brings me onto my next quesiton, given that all these ports are open to the internet, this obviously makes the server more vulnerable, so if an exploit was discovered in one of these services (eg IIS) I would imagine a server with direct connection to the internet would be more at risk. I've also heard that it can take longer for MS to release patches for SBS server. Taking these 2 factors into account, are SBS servers more commonly attacked than regular 2003 standard/enterprise servers ?
4. In this particular scenario, the mail relay server for the company domain is the SBS server. So if the server ever goes down, mail may be missed due to the sender's mail server not being able to communicate with the SBS server and giving up (depending on the sending mail server config). Surely a better option would be to use an ISP's mail relay server ?
However, my bigger concern is that it's possible for a malicious user to continuously connect to port 25 and create a whole lot of sessions (and overhead) for the server, and make it extremely busy, and cause slow access for the file server users on the inside. Does SBS have any "inbuilt" security mechanism to limit the number of sessions ?
Sorry for all the questions. I do appreciate any help anybody can provide
Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau
I'm new to SBS so if any of my questions sound foolish, apologies !
I've just completed a site survey for a (potentially) new network customer. They have an SBS server there whi is escentially an "everything" server. However, I have a few questions about this:
1. The server has 2 NIC's, one connected to the LAN and one connected to the internet. I know that this is not uncommon for SBS servers, but I'm wondering in the real world if many companies actually do it this way ? It seems like a very risky game to me. Surely a proper dedicated corporate firewall with NAT would be the way to go
2. I've run a port scan against the public IP address of the server and found a whole lot of ports open (3389, 21, 25, 80, 443 etc etc). When configuring windows firewall on an SBS 2003 server, is it not possible to only open certain ports for certain NIC's ? Or when you open a port, is it then open for all NIC's (depending on the service configuration)
3. This brings me onto my next quesiton, given that all these ports are open to the internet, this obviously makes the server more vulnerable, so if an exploit was discovered in one of these services (eg IIS) I would imagine a server with direct connection to the internet would be more at risk. I've also heard that it can take longer for MS to release patches for SBS server. Taking these 2 factors into account, are SBS servers more commonly attacked than regular 2003 standard/enterprise servers ?
4. In this particular scenario, the mail relay server for the company domain is the SBS server. So if the server ever goes down, mail may be missed due to the sender's mail server not being able to communicate with the SBS server and giving up (depending on the sending mail server config). Surely a better option would be to use an ISP's mail relay server ?
However, my bigger concern is that it's possible for a malicious user to continuously connect to port 25 and create a whole lot of sessions (and overhead) for the server, and make it extremely busy, and cause slow access for the file server users on the inside. Does SBS have any "inbuilt" security mechanism to limit the number of sessions ?
Sorry for all the questions. I do appreciate any help anybody can provide
Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau
