Okay I know this is a bit off topic, and probably get me flammed...
i have a friend who runs a Windows server (no, there is no way to convert to linux as she's using a hosted box. App is also locked to Win32, so...) and it's routinely hit by portscanners and has been hacked at least twice now.
Anyone know of *GOOD* and *DECENT* Firewalls? Anything but Zonealarm.. it sucks balls.
She's also not really in the mood to pay for the software, so i'mlooking for opensource options.
i was thinking of an IPtables solution, but i don't think the host will allow cgywin installed on the box.
Thanks in advance
Joe Brouhard jbrouhard@chansata.com
On 4/29/06, Joe Brouhard jbrouhard@chansata.com wrote:
Okay I know this is a bit off topic, and probably get me flammed...
i have a friend who runs a Windows server (no, there is no way to convert to linux as she's using a hosted box. App is also locked to Win32, so...) and it's routinely hit by portscanners and has been hacked at least twice now.
Anyone know of *GOOD* and *DECENT* Firewalls? Anything but Zonealarm.. it sucks balls.
She's also not really in the mood to pay for the software, so i'mlooking for opensource options.
i was thinking of an IPtables solution, but i don't think the host will allow cgywin installed on the box.
Thanks in advance
I do not have a solution, but... if it is a hosted box, how exactly does she intend to install a firewall on it, for that matter, what type of hosting is this? Shouldn't security be the hosts responsibility?
Anyways, I hear Windows own firewall is fairly good, if enabled. Give that a try, it is free. The problem however screams Unix/Linux. And as far as I know, iptables is part of the kernel, and cannot be simply installed on Windows.
-- As a boy I jumped through Windows, as a man I play with Penguins.
--- Joe Brouhard wrote:
i have a friend who runs a Windows server (no, there is no way to convert to linux as she's using a hosted box. App is also locked to Win32, so...) and it's routinely hit by portscanners and has been hacked at least twice now.
Not sure what you mean by App being locked to Win32. But then you didn't specify what the server's function is.
She's also not really in the mood to pay for the software, so i'mlooking for opensource options.
As was already said this screams for a Linux solution.
As was also already said, on a hosted box the security should be the hoster's responsibility not the hostee. I also can't give you an answer. The only Windows servers I work with are protected by a FreeBSD firewall, in addition to hardware firewalls. My suggestion, such as it is, is to find a new hoster. There are secure Windows hosters out there, but of course, I'd still suggest going full tilt and making the switch to Linux at the same time. There's not much a Linux server can't do that a Windows server can, but the reverse isn't true. Linux servers have many features that Windows just can't duplicate. On top of which a decently maintained Linux server will almost never be compromised, except due to lax security on the part of registered users.
Hope this helps a little bit.
Brian JD
-
Arthur Pemberton -
Jack -
Joe Brouhard