homepage Welcome to WebmasterWorld Guest from 54.234.231.49
register, login, search, subscribe, help, library, PubCon, announcements, recent posts, open posts,
Accredited PayPal World Seller

Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library : Charter : Moderators: phranque & physics

Webmaster General Forum

    
Running a server on my Windows home computer-any way to protect it?
lizzie




msg:3502329		 9:41 pm on Nov 11, 2007 (gmt 0)

I have my site all set up on my computer and ready to display on the internet using Abyss Web Server, with my domain pointing to it using Simple DNS.
Is there any way possible to protect my computer with port 80 staying open?
I know I can get cheap hosting somewhere, but just want the fun of running it from my home.

I had port 80 open for about 20 minutes and saw, using a program called Simple Net Tools, that multiple computers all over the country had multiple connections to my port 80, even though I was not displaying my site at the time, just the directory where my site would be. They just latched onto my port 80 as soon as it opened. I assume these were worms, trojans or something similar.
Is there some way, some sort of firewall, that would protect me? I have a cheap router and Norton Persnal Firewall but with port 80 staying open these won't be enough.

 

jtara




msg:3502837		 4:23 pm on Nov 12, 2007 (gmt 0)

Keeping your web server up to date, and using an obscure one (check!) will help.

The fact is, most firewalls do no more than yours is doing now - opening or closing a given port.

More advanced firewalls can look for specific attack signatures. There are a few generic things that can be checked, but it is basically looking for a specific exploit by knowing what to expect in a packet. But that generally requires a costly subscription, and is offered for higher-cost hardware firewalls. (There may be free sources, but how up to date are they?)

Most of these attacks, though, are against specific URLs. They are attacking vulnerable scripts. If you don't have those scripts installed, no problem - they are harmless. So, be careful about the scripts you choose, and keep them up to date!

Beyond that, it's popular to block troublesome blocks of IP addresses. There are more free resources available for this than for attack signatures. You may be able to do this with your current firewall, though you might have to type-in the address ranges. (Rather than use a supplied file.)

If you really, really want to run a live web server at home, it might make more sense to set-up a Linux machine, where you will have more free resources available, and can replicate the environment you will probably have if/when you move to commercial hosting.

(There are some cases for Windows hosting, but I doubt they apply in your case. For example, you've already purchased an expensive package that's required for your site and only runs on Windows.)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
WebmasterWorld ® and PubCon ® are a Registered Trademarks of Pubcon Inc.
© Pubcon Inc. 1996-2012 all rights reserved