[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] WebSite being Hacked!!!
Title: RE: [FW1] WebSite being Hacked!!! Hi Felix, 1. The crucial aspect is not your ports being scanned, but what services or ports you make available between your DMZ' s, LAN's and Internet via your Firewall. 2. The standard http 80 port: Its security vulnerabilities mostly rely on not any kind of FW product, but on the Web Server prog. & OS. (Especially, when IIS & Windows is the case.) The solution is; You'd better check MS official sites for armoring WinNT or Win2K Servers, also go through IIS security checklists, install all the necessary security patches, hotfixes, SP's... and make other necessary adjustments in the IIS. (The hacking problem you had faced was probably SADMIN/IIS worm or something like that, I presume...) 3. Even Checkpoint has some its own IDS tools, I advise you to use additional IDS program(s) independent of your FW, on (an)other server(s). Such as, IIS - RealSecure or CA - ETrust IDS. -----Original Message-----
Hi, all: one of my web server (IIS4.0 on NT 4.0 SP6a) which is behind my FW1-4.1
Thanx! ================================================================================
|