"Bjorn Sagbakken" <bj*****@online.nowrote in message
news:Uu*********************@telenor.com...
Hi.
This might not be the right forum for my question, but still I throw it
out:
I have just succeeded in publishing my ASP.NET web application on my own
PC, opening port 80 in/out in my firewall, so now it is accessable from
internet. It is running on IIS own WinXP.
So far I haven't exeperienced any problem, but are there actions I should
take to secure my PC against hackers, now that port 80 is open? Like
add-on s/w or other smart stuff?
1) Win XP is not a Web server platform, and you shouldn't be exposing a
workstation to the Internet. If you're going to do such a thing, the you
should be using Win 2k3 server, which is a Web server platform.
2) If the O/S, file system, registry, user accounts, and IIS itself are not
secured/harden to attack, then all you have is hack bait that can be used as
a jumping off point to attack other Web servers and other networks over the
Internet from your computer There are entire books used by professionals,
and they can hardly secure the Win NT based O/S platform facing the
Internet.
3) I'll assume you're talking about XP's firewall or some 3rd party personal
firewall. They are not firewalls. They are machine level packet filters. A
firewall separates two networks. It protects from the network it's
protecting from usually the Internet, and it protects the network it's
protecting the LAN. I firewall must have at least two interfaces. One
interface must face the WAN/Internet and the other interface must face the
LAN. In the case of a software firewall solution running on secured gateway
host computer, the host computer will have at least two network interface
cards (NICS) with one facing the WAN and the other one facing the LAN.
http://www.vicomsoft.com/knowledge/r...irewalls1.html
The list is long as to what you should being doing that you don't have the
expertise to do.
I hate to be blunt about it, but I think you have put up hack bait that has
already been hacked, and you don't know about it.