> > Sorry for the Off Topic but does anyone know of a good > > server firewall program for Cold Fusion servers? It's > > seems as if some hackers are getting past our routers > > and I want to look into all options to lock it down more. > > My boss said I have to keep it under $1,000. > > Or just use IP security and block ports and make sure your > software is up to date. You could have an nt box with only > port 80 opened up. Then you just have to make sure you have > all of your programs updated correctly and you shouldn't > have to worry about hacking.
I have to say, I agree with Robert here, in that if you want to control traffic at your server itself (host security), rather than or in addition to controlling traffic at the router and firewall, the OS provides all the tools you need. Windows NT 4 and higher allow you to block incoming traffic on all ports except those you explicitly list, using the TCP/IP Filtering dialog, and Windows 2000 gives you even greater control using IP security policies. In some respects, this is better than using something like BlackICE, in my opinion, because it's free, and if you manage multiple Win2K servers you can even use the same policies on all of them. Documentation on how to do this sort of stuff can be found in many places; Windows Resource Kits and securityfocus.com come to mind. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ______________________________________________________________________ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
