So I've just set up a web server on my machine. It's against the terms of my adsl contract, so I don't intend to actually serve a website from here, as such. But I'm concerned about security.

If anyone here reckons he can hack my machine, please let me know. If you pm me, and I recognise (and trust) your user name, I'll give you an address to go at.

I realize that this is a service that is usually paid for, but I'm not asking if I'm bombproof; just if I'm wide open.

Cheers,
Rat.

ratcomp, I can't help, as I don't hack. However, grc.com has some great tools to test if you are secure or not.

If you go here (https://grc.com/x/ne.dll?bh0bkyd2) it will run a test on your system and identify it's weaknesses.

I have no idea if it is comprehensive, but I know that it is a very well regarded site for computer security.

A. you don't need a "hacker", you need a "cracker"

B. the basics of intrusion prevention can be done by anyone

Basically, you need to portscan your machine and make sure that you know what is running on every port and turn off anything unnecessary. Then harden whats left with privelege reduction and good password policies and perhaps IP based access.

Disable any guest accounts (if you are using windows).

The best thing you could do is use something like a linksys cable/dsl router which makes a nice passive firewall in that the masquerade it runs protects your computers. You have to put your computer in the DMZ or forward port 80 for someone to even hit the http listening port. If you do open up port 80 to that machine using a port forward on such a router, they really dangerous ports are blocked.

For instance, if you are running windows and you have your rpc port unprotected then you are just asking for trouble.

I usually use a nice program called nmap on my old Apple PowerBook running Yellow Dog Linux to scan other machines with.

I never want to hear anything else about Steve Gibson for the rest of my life. That guy produces nothing of value.

"Nanoprobes"? Ugh.

Download this and use it to bombard your web server. It'll tell you much, much more than you want to know. :D

http://www.nessus.org/

You will need a Linux box to launch it from. If you don't have one, this (and about a zillion other security tools) are on a bootable cd found here:

http://www.knoppix-std.org/

Originally posted by LFTKBS
I never want to hear anything else about Steve Gibson for the rest of my life. That guy produces nothing of value. Why do you say that? You don't feel that ShieldsUp adequately probes your system? Honest question - I just use it to test my system, and don't have linux to use the software from shanek's link.

Originally posted by roger
Why do you say that? You don't feel that ShieldsUp adequately probes your system?

ShieldsUp is a great tool for use for the home computer. But for a server, it's inadequate. All it will tell you, for example, is that port 80 on your web server is open. Duh! Is there anything running on port 80 that can cause a problem? That's the kind of thing Nessus scans for.

(BTW, I don't agree with all of the complaints about Steve Gibson. He has certainly made numerous contributions in the field of computer security and has produced many tools that are of value. But like all things, use the right tool for the right job.)

I see, shanek, thanks, that helps a lot.

Well someone has kindly had a crack, as it were, and it's not as bad as it could be, certainly. Not bad at all, in fact.

I may try the bootable CD nessus thing at some point, but I'll get the sack if I do it from work, so I may have to find an obliging friend.

I am well aware of the hacker/cracker distinction. And the work that needs (needed) doing is indeed cracking; but I meant I'd rather have a well-meaning and highly skilled person to do it. Cracking done by a hacker, you see? A hacker can be a cracker, but a cracker is not necessarily (indeed likely not) a hacker.

Cheers,
Rat.

Originally posted by roger
Why do you say that? You don't feel that ShieldsUp adequately probes your system? Honest question - I just use it to test my system, and don't have linux to use the software from shanek's link.

Honestly, no. I mean, it's okay as part of a comprehensive hardening, but I think having a trusted nerdfriend doing an audit is far superior.

Ratcomp-

I have signed up with Nildram for adsl. Running Shieldsup! and Symantec's security check, I am warned that port 80 is open and the machine responds to Ping. Nildram tell me this is normal. Do you get the same? If not, what firewall software are you using if any?
My router modem has NAT firewall built in.

Originally posted by Soapy Sam
Ratcomp-

I have signed up with Nildram for adsl. Running Shieldsup! and Symantec's security check, I am warned that port 80 is open and the machine responds to Ping. Nildram tell me this is normal. Do you get the same?My router modem has NAT firewall built in.


If he's running a public accessible web page, port 80 will be open.

Closed ports are your best bet, but some ports must be open if you're going to make things accessible. That's where logs and monitoring programs (such as SNORT) come in handy.

You can also get into port forwarding and other firewall tricks to make things even more secure.

Odd that it responds to ping though; i didn't receive anything when I tried it.

Indeed, my port 80 is open because of my web server. If you are not running a web server, there is no reason I can think of to have that port open. I think I've got four ports open, and I'm nervous about two of those.

Cheers,
Rat.

Oh, and I'm running ZoneAlarm. The free version. I may pay for the pro or plus version when I finally get a file server set up with ics here. (The free version doesn't handle ics).

I doubly need a software firewall, because I just have an internal adsl card, rather than an external adsl router. I'd still use one, even if I was behind an external router, though.

Cheers,
Rat.

Originally posted by Soapy Sam
Ratcomp-

I have signed up with Nildram for adsl. Running Shieldsup! and Symantec's security check, I am warned that port 80 is open and the machine responds to Ping. Nildram tell me this is normal. Do you get the same? If not, what firewall software are you using if any?
My router modem has NAT firewall built in.

What ShieldsUp! is telling you is that port 80 on your ROUTER is open and that your ROUTER responds to pings. NAT, or Network Address Translation, is a way of hiding your local network from the internet while still giving you access. It looks at every outgoing request that you make and lets the response come in, but any incoming request just comes to the router and stops (unless you have port forwarding activated for that port).

It's a standard thing to respond to pings and nothing to worry about; and since there's a built-in web server in your router it'll have port 80 open. So, yes, this is very likely normal and nothing to be too worried about. Just make sure you've changed your admin password from the default to something secure.

Yes. I already switched the password. Thanks for the responses folks.

Ratcomp...your security sucks...... I can already determine that you wear dark glasses and have a short stubbly beard. I bet that has you impressed eh??