Personally I would install a separate linux server (you can use it as a mail server, file server, or multitude of other uses), and use the iptables firewall on there to manage the connections to your prd (or dev) web server. Iptables is one of the best firewalls out there, and if there is an exploit for the OS (which might kill your windows server, whether or not it has a firewall on it), at least you have 2 levels of protection here. First they would have to root your linux server, and then hack your windows box. 2 separate OS's are more secure then plain old W1nbl0w$.
Russ > -----Original Message----- > From: Dave Watts [mailto:[EMAIL PROTECTED] > Sent: Monday, June 12, 2006 3:52 PM > To: CF-Talk > Subject: RE: Server firewall software > > > I have tried Windows built-in firewall, Zone Alarm, and > > another software firewall (do not remember what it was) over > > the past year. All three tests told me that software > > firewalls on a server are nothing but a pain in the rear. > > So, I can not recommend anything that works on a server. > > Managing servers in general is a pain in the rear. That said, IP security > policies are quite easy to manage, as long as you know exactly what > traffic > you want to allow to and from that server. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > > Fig Leaf Software provides the highest caliber vendor-authorized > instruction at our training centers in Washington DC, Atlanta, > Chicago, Baltimore, Northern Virginia, or on-site at your location. > Visit http://training.figleaf.com/ for more information! > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:243259 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
