John O'Sullivan wrote:
>One hole in the outside occurs if you use the FTP server that ships with NT.
> Even if you make the Sub directory the FTP dir a user can cd / to the root.
Is the access read only or read write?
>If you want to secure a server one easy way is to add to or more cards to
>the server and we assume that one card is the "secure" (outside) card and
>the other "unsecure" (inside) card. On the outside card unbind all network
>components except TCP/IP. Get rid of server and workstation
>This will allow only TCP/IP socket apps Mail, HTTP, etc
>on the other side "inside" users still have access to the server as they
>normally would.
I have yet to see an NT server that can be completely shut down for services. I've tried shutting off files sharing, domain services, etc. and still can't get the ! @
#$% thing to stop broadcasting services on ports 137 & 138. If anyone has had luck with this, I would love to hear how.
Follow-Ups:
|
|
