I've been running Win2ksrv on my 4 web servers on 4 sperate IP's for about a year and a half now.
three had 'Blackice' on them as my firewall, and the forth was neglected; no firewall.
Well the server with out the firewall got hit by the 'Code red worm' very early on; before it realy became public.
Upon finding this I reformated the drive and reinstalled the OS, the Win2k sp2 update, and the Code red patch, & installed 'Black ice'.
after reconfiguring the web server and DNS server that run on this server I then connected it to the network.
All of my servers have been updated and patched; however the IP address of the server that had been infected still gets hit several hundred times a day. (the other servers do not get hit.)
while 'Black ice' seems to be doing it's job, is there another program or hardware option to secure the server(s) or is it that this IP will always be a target?
Also would running BSD or Linux servers give me better control interms of fending off hackers, script kiddies, and worms?
Hope I gave enough info; thanks in advance.
Rokkstar
three had 'Blackice' on them as my firewall, and the forth was neglected; no firewall.
Well the server with out the firewall got hit by the 'Code red worm' very early on; before it realy became public.
Upon finding this I reformated the drive and reinstalled the OS, the Win2k sp2 update, and the Code red patch, & installed 'Black ice'.
after reconfiguring the web server and DNS server that run on this server I then connected it to the network.
All of my servers have been updated and patched; however the IP address of the server that had been infected still gets hit several hundred times a day. (the other servers do not get hit.)
while 'Black ice' seems to be doing it's job, is there another program or hardware option to secure the server(s) or is it that this IP will always be a target?
Also would running BSD or Linux servers give me better control interms of fending off hackers, script kiddies, and worms?
Hope I gave enough info; thanks in advance.
Rokkstar
