Steven L Umbach
Guest
|
 Posted:
Tue Feb 01, 2005 6:48 am Post subject:
Re: Using Windows 2003 Standard as a web server - ICF? |
|
|
You can not use rras and ICF at the same time. If you don't need rras then
you can enable ICF but I believe that rras filtering is more flexible. ICF
should be able to block anything you do not create an exception for. W2003's
ICF firewall however does not let you specify a scope for the exemption,
though SP1 will like XP SP2 does. Tcp/ip filtering and ipsec filtering
policy are other ways you can secure the server though ipsec filtering
policy should not be your only internet protection. It does work well in
conjunction with the ICF firewall to manage outbound traffic. A hardware
firewall also makes sense and even the lower priced ones will filter out a
lot of junk that should no be going into a web server and stop many DOS
attacks such as syn flooding. --- Steve
"gogaz" <gogaz@rediffmail.com> wrote in message
news:25eb55ca.0501310411.6d3a549d@posting.google.com...
| Quote: | Hi all,
We have hosted a new windows 2003 standard edition recently to use it
as a web server. Internet connection firewall is disabled at the
moment. Is it recommended to enable it? coz when i do netstat, i get
epmap connection established with some remote machines. Also i can
telnet on port 2433 (after hiding sql server)
I know for the fact that i can block incoming ports in RRAS but not
sure if enabling ICF not messes up everything. I cant try now because
its live now and have transfered around 50 sites.
Cheers! |
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in