ZoneAlram IIS and port 80

Archived from groups: comp.security.firewalls (More info?)

Hi,

I am using ZoneAlarm, (the free one), IIS 5.1 and XP pro, SP1 and all the
Updates.
I am connected to the web 24/7 using an ADSL line.

I am doing a small php web site on my machine and one thing the site does is
to log the IP address of whoever tried to access the http://localhost, been
on my machine I was a bit surprised to see other IP addresses appearing.

How can I block all outside access to my http://localhost/ , port 80, 22?

Some of the IP's are

68.127.136.214,
217.229.24.98,
221.78.7.14,
219.137.199.110,
61.39.252.14
220.175.49.108

But I cannot find them in Zone Alarm.

Sims

Archived from groups: comp.security.firewalls (More info?)

"Sims" <siminfrance@hotmail.com> wrote in
news:c62r0v$78edh$1@ID-162430.news.uni-berlin.de:

> Hi,
>
> I am using ZoneAlarm, (the free one), IIS 5.1 and XP pro, SP1 and all
> the Updates.
> I am connected to the web 24/7 using an ADSL line.

That's not a good thing to have a machine directly connected to the
Internet with IIS running. You should have a NAT router setting there in
front of the machine to protect it.

>
> I am doing a small php web site on my machine and one thing the site
> does is to log the IP address of whoever tried to access the
> http://localhost, been on my machine I was a bit surprised to see
> other IP addresses appearing.
>
> How can I block all outside access to my http://localhost/ , port 80,
> 22?

You should not only learn how to lockdown IIS but also the O/S as well
for a machine running IIS. If neither are secure, then the machine will
be *hacked*.

I suggest you search Google and the MS Knowledge Base for the information
on how to secure IIS and the O/S.

I can tell you that the free ZA would be out of the picture.

Duane

Archived from groups: comp.security.firewalls (More info?)

"Sims" <siminfrance@hotmail.com> wrote in
news:c634ih$7c5gr$1@ID-162430.news.uni-berlin.de:

>
>> > I am using ZoneAlarm, (the free one), IIS 5.1 and XP pro, SP1 and
>> > all the Updates.
>> > I am connected to the web 24/7 using an ADSL line.
>>
>> That's not a good thing to have a machine directly connected to the
>> Internet with IIS running. You should have a NAT router setting there
>> in front of the machine to protect it.
>
> Never knew that.
> Would it not be cheaper to remove IIS and put Apache?
>
>> >
>> > How can I block all outside access to my http://localhost/ , port
>> > 80, 22?
>>
>> You should not only learn how to lockdown IIS but also the O/S as
>> well for a machine running IIS. If neither are secure, then the
>> machine will be *hacked*.
>
> That was my question, I _thought_ that port 80 would not be opened
> unless I said so.
>
>>
>> I suggest you search Google and the MS Knowledge Base for the
>> information on how to secure IIS and the O/S.
>
> Ok, i will have a look at it.
>
>>
>> I can tell you that the free ZA would be out of the picture.
>
> Meaning?
>
>>
>> Duane
>
> Thanks
>
> Sims
>
>

I think Leythos said it all. I don't think I need to repeat it.

Duane