Welcome to WebmasterWorld Guest from 18.104.22.168
Forum Moderators: phranque
I had port 80 open for about 20 minutes and saw, using a program called Simple Net Tools, that multiple computers all over the country had multiple connections to my port 80, even though I was not displaying my site at the time, just the directory where my site would be. They just latched onto my port 80 as soon as it opened. I assume these were worms, trojans or something similar.
Is there some way, some sort of firewall, that would protect me? I have a cheap router and Norton Persnal Firewall but with port 80 staying open these won't be enough.
The fact is, most firewalls do no more than yours is doing now - opening or closing a given port.
More advanced firewalls can look for specific attack signatures. There are a few generic things that can be checked, but it is basically looking for a specific exploit by knowing what to expect in a packet. But that generally requires a costly subscription, and is offered for higher-cost hardware firewalls. (There may be free sources, but how up to date are they?)
Most of these attacks, though, are against specific URLs. They are attacking vulnerable scripts. If you don't have those scripts installed, no problem - they are harmless. So, be careful about the scripts you choose, and keep them up to date!
Beyond that, it's popular to block troublesome blocks of IP addresses. There are more free resources available for this than for attack signatures. You may be able to do this with your current firewall, though you might have to type-in the address ranges. (Rather than use a supplied file.)
If you really, really want to run a live web server at home, it might make more sense to set-up a Linux machine, where you will have more free resources available, and can replicate the environment you will probably have if/when you move to commercial hosting.
(There are some cases for Windows hosting, but I doubt they apply in your case. For example, you've already purchased an expensive package that's required for your site and only runs on Windows.)