I have recently suffered some hard attacks on my 2-PC LAN after which I had some file losses.
Today I had another attack. Firewall message:
Details: Attempted Intrusion "HTTP_IIS_ISAPI_Extension" against your
machine was detected and blocked
Risk Level: High
Attacked IP: I AHVE EDITED THIS
Attacked Port: http(80)
Since I have applied all XP patches and have updated firewall and AV, are there any additional secutiry tools I could get to work to:
Hide my PC as a web server (I am deploying Apache for web development) or hide it completely from IP scanners and other stuff
Do anything that could protect me more?
I am about to ompimize security additionally using LANGuard. Is there any better tool?
July 28th, 2003, 03:11 PM
There's no way to prevent those stupid worms from connecting. The last few worms were all to stupid to see the difference (IIS or Apache). If you have port 80 open you'll get sh*t loads of worms trying to infect your machine.
An option might be to run apache on a different port (say 800). But that's really security through obscurity. It does however prevent those stupid worms (and a couple of scriptkiddies) from finding your webserver.
If you do everything like you say you do (update XP, virusscanner and firewall on a regular basis) then you have nothing to worry about. Also don't forget to keep an eye on any patches/problems with Apache.