|
Posted by Simon Wigzell on April 8, 2005, 9:20 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Sorry if this question has been asked and answered before, my first time
here.
I "admiister" a dedicated server running MS server200. The company that
looks after the server installed a firewall after we were hacked that needs
it's own domain, "fw.[company].com". For this they are billing us $180 PER
MONTH. Is this reasonable? Doesn't server 2000 come with a built in firewall
anyway? Does someone have a link that will tell me how to activate it? Is
the built in firewall sufficient to prevent hacking?
Thanks!
|
|
Posted by on April 8, 2005, 6:27 pm
If you were Registered and logged in, you could reply and use other advanced thread options
firewall doesnt work. most hacking now a days is due to microsoft bugs
or via http (port 80 which all firewalls doesnt block)
Cowly the Game player
Games I support
http://www.gamestotal.com
http://www.spacefederation.net
http://uc.gamestotal.com
http://aw.gamestotal.com
http://gc.gamestotal.com
http://mmorpg.gamestotal.com
http://3700ad.gamestotal.com
http://ballmonster.gamestotal.com
http://free_mmorpg.gamestotal.com
http://strategy_games.gamestotal.com
http://free_strategy_games.gamestotal.com
|
|
Posted by Duane Arnold on April 8, 2005, 10:27 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> Sorry if this question has been asked and answered before, my first
> time here.
>
> I "admiister" a dedicated server running MS server200. The company
> that looks after the server installed a firewall after we were hacked
> that needs it's own domain, "fw.[company].com". For this they are
> billing us $180 PER MONTH. Is this reasonable? Doesn't server 2000
> come with a built in firewall anyway? Does someone have a link that
> will tell me how to activate it? Is the built in firewall sufficient
> to prevent hacking?
>
> Thanks!
>
>
>
This is about as close as you're going to get with a FW like software on
the Win 2k Server. As for the price of the service, I cannot say but it
does seem a little much.
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm
http://www.microsoft.com/serviceproviders/columns/using_ipsec.asp
http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.mspx
Duane :)
|
|
Posted by Walter Roberson on April 8, 2005, 10:42 pm
If you were Registered and logged in, you could reply and use other advanced thread options
:here.
:I "admiister" a dedicated server running MS server200. The company that
:looks after the server installed a firewall after we were hacked that needs
:it's own domain, "fw.[company].com". For this they are billing us $180 PER
:MONTH. Is this reasonable?
In my opinion, that would depend on what the firewall does for you, on how
fast it is, on what level of security your company indicates was important
to your company, and on how much customization the company is willing to
do for that $180. Circumstances differ, and $180 could be an outrage
or it could be dirt cheap.
[By the way, I see your email address is in Canada: is that $C180,
or $US180 ?]
- At least a portion of the firewall is dedicated to your use: what was
the cost of the firewall and associated licenses? If you were to amoratize
it over 1 year (Revenue Canada depreciation class 10A), how much would you
be paying per month?
- what kind of data rate is there going through the firewall? Firewall
prices increase noticably once you get beyond a level sufficient to serve
a typical broadband connection.
- $C180 a month buys (e.g.) less than 2 hours of my time per month.
- How much did your company effectively lose by having the system hacked
before? How much would it lose next time if it were hacked again? In
words, what is the penalty for getting it wrong?
- How does the manner in which the crackers were able to get through before
inform your company about the security expertise available within your
company? e.g., was it something that your people never expected, or was
it something that was a calculated gamble that didn't pay off, or was
it something that your people didn't happen to get around to fixing
because of the pressures of other tasks, or was it something that some of
your people knew how to deal with and wanted to fix but other parts of
the organizations did not want the time and money expended in that manner?
- Considering the important business nature of your server, how many hours
would it take you to research and configure and test alternatives that
were sufficiently secure for your organization? How much would that cost
in salary for you? How much would your company lose in "opportunity costs"
because you weren't working on something that contributed more directly
to revenue enhancement? Could you do it in less than 2 weeks, start to
finish If not, then assuming your salary is reasonable but not unremarkable,
then the cost to your company would likely exceed ($C180/month for a year).
--
Feep if you love VT-52's.
|
|
Posted by Wolfgang Kueter on April 11, 2005, 1:28 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I "admiister" a dedicated server running MS server200. The company that
> looks after the server installed a firewall after we were hacked
Since the machine got hacked you didn't administer it properly.
> that needs it's own domain, "fw.[company].com".
What is it? A separate machine, a packet-filter, a reverse proxy?
> For this they are billing us $180 PER MONTH. Is this reasonable?
Depends. Without more information about the setup nobody will be able to
tell.
> Doesn't server 2000 come with a built in
> firewall anyway?
Win2000 comes with a packet-filter.
> Does someone have a link that will tell me how to
> activate it?
RTFM!
> Is the built in firewall sufficient to prevent hacking?
Depends.
Obviously you have no clue about security. So paying someone USD 180 per
month who has seems quite a good idea to me.
Wolfgang
|
| Similar Threads | Posted | | cisco pix 501 firewall newbie | June 23, 2006, 1:46 pm |
| Firewall newbie! Which free one?? | September 5, 2006, 2:42 pm |
| Newbie with Norton Personal Firewall - Help Please | July 31, 2004, 12:07 pm |
| newbie Q on DSL modem w/firewall appliance | January 15, 2005, 8:09 pm |
| Newbie: Configuring openbsd firewall | April 3, 2005, 7:01 pm |
| Newbie firewall control panel question | February 25, 2005, 8:25 am |
| [Newbie alert!] Is the Linksys BEFSX41 hardware Firewall/router a "real" firewall? | March 25, 2005, 11:12 am |
| Re: newbie - recommended tutorial on setting up simple openBSD firewall | October 7, 2006, 5:57 pm |
| Newbie | April 8, 2007, 2:39 pm |
| Newbie to firewalls - do I need one? | January 20, 2005, 9:35 am |
|
XML site map