Announcement

Collapse
No announcement yet.

Server Security Questions!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Server Security Questions!

    Hey guys,

    So I'm an IT layman and need help.

    I work for a small engineering company (49 employees). We run windows server 2003.

    Lately there have been security breaches and file alterations that are causing some havoc.

    We need to shore up our security and I would like to hire a professional to analyze what we've got, and what policy changes we can make to improve our security.

    We are based in San Diego California in the U.S.

    Thank you guys in advance!

    -Gavin

  • #2
    Re: Server Security Questions!

    you buy, i fly!

    are the alterations coming from inside or outside your network? do you have a fw in place?

    it wouldnt be very hard to tighten up your network with a few configuration changes and the possible addition of a network appliance. i do this all the time, and its not difficult really. it should take about 2 hours to lock the inside down from outside attacks..

    if the problems are internal, you will have to first isolate where the problem is coming from. once you can identify the source, then a line of attack can be developed.

    the more info the better. this is just a general run down.

    take a look at the security audits and see if anything is out of the ordinary. make sure old accounts do not have logon permissions, and if there are old accounts that arent locked out, make sure they dont have any write permissions.
    its easier to beg forgiveness than ask permission.
    Give karma where karma is due...

    Comment


    • #3
      Re: Server Security Questions!

      Well, I'll be happy to swap wet, cold Britain for sunny CA - I can cope with the different keyboards without problems

      Without knowing a lot more, it would be difficult to make specific recommendations, but in general a security review would look at a lot more than just hardening the servers - you would need to consider at least patching, backups, disaster recovery and auditing in addition.
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Server Security Questions!

        Thanks for the input fellas, I appreciate it!

        I know enough about server management to be dangerous (not professionally trained or certified, just have been doing the easy stuff on it for about 2 years).

        Do you guys recommend getting someone on-site to look at this?

        Or is this something I could consult with a professional about and they guide me through it?

        I'm not sure who to go through for professional support, so any input would be marvelous.

        Comment


        • #5
          Re: Server Security Questions!

          A consultant would want to review your current network, either on-site or remotely, and discuss your requirements in more detail with you before "guiding you through it". To find someone local, start with the Microsoft Partner Network, or possibly your local Chamber of Commerce (or similar)
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment

          Working...
          X