--- Joe Brouhard wrote:
I have a friend who runs a Windows server (no, there is no way to convert to Linux as she's using a hosted box. App is also locked to Win32, so...) and it's routinely hit by portscanners and has been hacked at least twice now.
Not sure what you mean by App being locked to Win32. But then you didn't specify what the server's function is.
She's also not really in the mood to pay for the software, so I'm looking for open-source options.
As was already said this screams for a Linux solution.
As was also already said, on a hosted box the security should be the hoster's responsibility, not the hostee's. I also can't give you an answer. The only Windows servers I work with are protected by a FreeBSD firewall, in addition to hardware firewalls. My suggestion, such as it is, is to find a new hoster. There are secure Windows hosters out there, but of course, I'd still suggest going full tilt and making the switch to Linux at the same time. There's not much a Linux server can't do that a Windows server can, but the reverse isn't true. Linux servers have many features that Windows just can't duplicate. On top of which, a decently maintained Linux server will almost never be compromised, except due to lax security on the part of registered users.
Hope this helps a little bit.
Brian JD