Considering My Own Web Server
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
I have on my own machine IIS5 (WinXP Pro) only for non-professional purposes and it works good. The (little) company I work for has a package of 5 public IP addresses on a DSL line too. They use the IPs basically for VPN. Recently they (and I) have set up a little Win2K3 server just to host a professional web application (for demo purposes). The server works well, but there are many other problems. The upload bandwidth is 384 Kbit/s and, altought we have not big images or something, the response of the website is quite slow (on localhost it's blazing fast). Sometimes the DSL line is sature and the response is even slower. Moreover, we have not enough UPS power to keep all the machines up when (not much unfrequently) there is a power black-out and the server always reboots, losing some incoming data. Anyway, if you use it for your own purposes, it's not that bad. Just think about this: how much time and money are you going to spend to set it up? ___________________________________ Tozzi is right: Gaia is getting rid of us. My Blog [ITA] -- modified at 8:28 Friday 7th April, 2006
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
John Simmons / outlaw programmer wrote:
SBC DSL
Well, tried to email you some comments. But I will say thanks to the idiots at SBC I could not. I hope our CP staff can clear any bounced permanent error message flags they may have recieved. "Every new day begins with possibilities. It's up to us to fill it with things that move us toward progress and peace.” (Ronald Reagan)
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
Just to let you know, I've had SBC DSL since November and have been very happy with it. It is a vast improvement over the satellite connection I had. Can't give you any input on the web server issue though, I'm also thinking about setting one up, but just had not found the time. "You get that which you tolerate"
-
I have on my own machine IIS5 (WinXP Pro) only for non-professional purposes and it works good. The (little) company I work for has a package of 5 public IP addresses on a DSL line too. They use the IPs basically for VPN. Recently they (and I) have set up a little Win2K3 server just to host a professional web application (for demo purposes). The server works well, but there are many other problems. The upload bandwidth is 384 Kbit/s and, altought we have not big images or something, the response of the website is quite slow (on localhost it's blazing fast). Sometimes the DSL line is sature and the response is even slower. Moreover, we have not enough UPS power to keep all the machines up when (not much unfrequently) there is a power black-out and the server always reboots, losing some incoming data. Anyway, if you use it for your own purposes, it's not that bad. Just think about this: how much time and money are you going to spend to set it up? ___________________________________ Tozzi is right: Gaia is getting rid of us. My Blog [ITA] -- modified at 8:28 Friday 7th April, 2006
Download speed is 1.5mb Upload speed is 512kb Hardware includes the following: I already have these items laying around: - MSI K8N Neo2 Platinum motherboard - 1GB OCZ PC3500 RAM - Case - 80gb IDE hard drive I need to get these: - AMD X64 3000 - $121 - CPU HSF - $34 - PSU - $49 - UPS - $90 (30 minutes on battery with LCD monitor, 45 without) - Video card - $21 - 17-inch LCD monitor $170 - DVD writer - $40 - AS5 thermal grease - $17 I was also going to run an email server ($90 for software) Future upgrades will be opteron 165 and another gb of RAM. ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
-
I have on my own machine IIS5 (WinXP Pro) only for non-professional purposes and it works good. The (little) company I work for has a package of 5 public IP addresses on a DSL line too. They use the IPs basically for VPN. Recently they (and I) have set up a little Win2K3 server just to host a professional web application (for demo purposes). The server works well, but there are many other problems. The upload bandwidth is 384 Kbit/s and, altought we have not big images or something, the response of the website is quite slow (on localhost it's blazing fast). Sometimes the DSL line is sature and the response is even slower. Moreover, we have not enough UPS power to keep all the machines up when (not much unfrequently) there is a power black-out and the server always reboots, losing some incoming data. Anyway, if you use it for your own purposes, it's not that bad. Just think about this: how much time and money are you going to spend to set it up? ___________________________________ Tozzi is right: Gaia is getting rid of us. My Blog [ITA] -- modified at 8:28 Friday 7th April, 2006
Dario Solera wrote:
The upload bandwidth is 384 Kbit/s and, altought we have not big images or something, the response of the website is quite slow (on localhost it's blazing fast).
I briefly hosted a DotNetNuke site off my Comcast connection (224Kbits upload) while we were deciding if the idea would go big enough to be worthwhile hosting it somewhere. As long as you have a fast enough CPU to support it, turning on IIS6 compression for dynamic content made the site feel quite a bit more responsive when connecting remotely. I put the web server behind a firewall (IPCop, in this case) and only forwarded 80/443 to the Windows Server box.
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
John Simmons / outlaw programmer wrote:
Windows Server 2003 and IIS6
WTF? John Simmons moving on to the next gen Microsoft OS? I never thought I'd see the day! ;P Much of this will probably be below your level, but it's a start: http://www.dslwebserver.com/[^] As mentioned previously, block all unnecessary ports. Install all of the Windows Updates, and keep everything else patched. Change the name of the "Administrator" account to something else. Run Baseline Security Analyzer regularly. Audit login failures and successes. Run AV software, especially if you're going to run a mail server. Buy an AV package that you can plug into the mail server to scan incoming messages. Here is a guide from MS on hardening WS2k3: http://www.microsoft.com/downloads/details.aspx?FamilyID=8a2643c1-0685-4d89-b655-521ea6c7b4db&DisplayLang=en[^] I have been running my server (at a hosting company, though) for the past year without any problems (knock on wood). I just keep everything up to date, check the security logs often, and remain vigilant. Good luck! Jon Sagara Look at him. He runs like a Welshman. Doesn't he run like a Welshman? Doesn't he? I think he runs like a Welshman. My Site | My Blog | My Articles
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
I'd use a NAT (Network Address Translation) Router so that my box wasn't sitting directly on the internet and only forward port 80 and port 443 and perhaps the RDP port(s) to be able to remote in. This will give you most of the protection you need. That's all the advice I know to give. ---sig---
Silence is the voice of complicity Strange women lying in ponds distributing swords is no basis for a system of government. -- Vincent Reynolds Might I suggest that the universe was always the size of the cosmos. It is just that at one point the cosmos was the size of a marble. -- Colin Angus Mackay PS. If you don't understand my sarcasm -- go to hell! -
John Simmons / outlaw programmer wrote:
Windows Server 2003 and IIS6
WTF? John Simmons moving on to the next gen Microsoft OS? I never thought I'd see the day! ;P Much of this will probably be below your level, but it's a start: http://www.dslwebserver.com/[^] As mentioned previously, block all unnecessary ports. Install all of the Windows Updates, and keep everything else patched. Change the name of the "Administrator" account to something else. Run Baseline Security Analyzer regularly. Audit login failures and successes. Run AV software, especially if you're going to run a mail server. Buy an AV package that you can plug into the mail server to scan incoming messages. Here is a guide from MS on hardening WS2k3: http://www.microsoft.com/downloads/details.aspx?FamilyID=8a2643c1-0685-4d89-b655-521ea6c7b4db&DisplayLang=en[^] I have been running my server (at a hosting company, though) for the past year without any problems (knock on wood). I just keep everything up to date, check the security logs often, and remain vigilant. Good luck! Jon Sagara Look at him. He runs like a Welshman. Doesn't he run like a Welshman? Doesn't he? I think he runs like a Welshman. My Site | My Blog | My Articles
Jon Sagara wrote:
WTF? John Simmons moving on to the next gen Microsoft OS? I never thought I'd see the day!
It's not for desktop use, so don't get excited. I have to run W2k3 server (or Win2k Server) because I need to be able to host .Net sites that I develop, and a Linux server running Mono simply can't do that for .NET 2.0 (yet) - yeah, I know, you're about to suffer a second coronary because I said ".Net", but the truth of the matter is, I can't put it off any longer - I *have* to learn it for my job (I don't want to, but I *have to*). :) BTW, thanks for the links. :) ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
Try these: Internet Storm Centre - http://isc.sans.org/ SecurityFocus - http://www.securityfocus.com/ WindowsNetworking - http://www.windowsnetworking.com/ Security Forums - http://www.security-forums.com IIS Resources - http://www.iis-resources.com/ Even if you run your server behind a NAT firewall, I'd highly recommend installing a third-party software firewall that supports; Stateful Packet Inspection, SYN Flood Detection (DoS, etc. - best if you can set the threshold manually), Port Scan Detection, and most importantly; HTTP Filtering. The most important thing is to study and understand the entries in your firewall and IIS logs. If you do this and create some smart rules, you should have a relatively trouble free existence. ~~~~~~~~~~~~~~~~~~~~ |Same bucket, different syntax.| ~~~~~~~~~~~~~~~~~~~~
-
Since Roadrunner can't seem to fix my connectivity problems, I'm switching to SBC DSL and getting the 5-static IP package. Since I'll have static IP's, I no longer really require the services of my current Linux-based domain host. I'll be running Windows Server 2003 and IIS6 over a DSL connection. There won't be any significant downloading going on, and there's no business-related reasons to do it - I'll just be serving personal pages. I'm approaching this idea with fear, trepidation and loathing, considering the riff-raff that trudge the internet looking for servers to exploit. Can anyone suggest a site that discusses all (or most of) the ins/outs of running a secure (non-hacable) IIS6 web server, including setting up routers and such? ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
Don't use IIS!!! www.aprelium.com has a free release of Abyss X1 and it even supports ASP.NET2!!! You don't even need a static IP address. Just go to http://www.dyndns.com/ and there you caan create a dynamic address which you can even point your real domain at. Keep it simple! AMict.co.uk
