Server Question
Thread Starter
|
Senior Member
Joined: Oct 2004
Posts: 338
Likes: 0
Server Question
I'm building a new server and I have a questions for the Tech crew.
I want the ability to access it remotely and was wondering what ya'll think is the most secure way to access it. I'll be running server 2003 and it will have a website running on it along wiht some other misc stuff. I know about Remote Desktop but I was wondering if there was something more secure.
Thanks in advance,
Justin
I want the ability to access it remotely and was wondering what ya'll think is the most secure way to access it. I'll be running server 2003 and it will have a website running on it along wiht some other misc stuff. I know about Remote Desktop but I was wondering if there was something more secure.
Thanks in advance,
Justin
F150online
Founder
Founder
Joined: Nov 1996
Posts: 3,008
Likes: 0
From: Roswell, GA USA
Depends what you want to do remotely. If you want complete control over the server, with the look-and-feel of the actual desktop, then Remote Desktop, provided that keep up with Microsoft's patches, should be fine.
Senior Member
Joined: Apr 2004
Posts: 4,424
Likes: 0
From: Motor City
MS server on the web by itself = bad.
Get a firewall w/ VPN capability. It's bad enough you're using it as a web server, don't let anything else to it. Make 'em establish a VPN tunnel then give them whatever they want... remote desktop over VPN rocks. Full access and totally secure. Enforce the use of complex passwords and password rotation.
I have no idea what your budget is, but the above is the best method. Never leave a server just hang out on the web. Layered security is key.
Get a firewall w/ VPN capability. It's bad enough you're using it as a web server, don't let anything else to it. Make 'em establish a VPN tunnel then give them whatever they want... remote desktop over VPN rocks. Full access and totally secure. Enforce the use of complex passwords and password rotation.
I have no idea what your budget is, but the above is the best method. Never leave a server just hang out on the web. Layered security is key.
Senior Member
Joined: Apr 2004
Posts: 4,424
Likes: 0
From: Motor City
Originally Posted by jdoggfx4
what would you recommend
I'm still parital to hardened unix/linux boxes for web servers. You can really crank them down well (if you know what your doing). If you take the time and plan out your security and implement it well, you'll be just fine. Careless setup will bring down any server... windoze, linux, it doesn't matter. The VAST majority of exploits are a direct result of misconfiguration.
In a perfect world you'd have a pro configure the box, have a proper firewall setup, and for those with fat budgets, an IDS/IPS device. Couple this with training, good security policies and regular audits and your on easy street.
Trending Topics
Senior Member
Joined: Apr 2004
Posts: 4,424
Likes: 0
From: Motor City
Originally Posted by jdoggfx4
I do not have it online yet. I'm still buildiong and setting things up. I will have everyport not required for what i'm doing disabled. Along with the server being behide a firewall.