The fundamental question seemed to be "can I hide the IP of this server". In a word, no. Think of it this way, can you have people call you without giving them your phone number? Proxy may be able to mask it by well, proxying it. But all you do is change the address they see as the address of the proxy. You could use proxy to disallow certain ports/services to them. Don't know what your budget is like but there are quite a few sub $100 NAT devices out there. Not a 100% solution but better than nothing. Something like this would accomplish 'hiding' the server. But first and foremost what Nate pointed out is the singe most important thing you can do. If more folks followed this Code Red/Blue and Nimda would have been a non issue. Kudos to you for doing your homework to prevent yourself from becoming a victim or unwilling participant.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 29, 2001 1:43 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: hide ip address of website (no domain name) I empathize and remember the feeling. Become very familiar with the http://www.microsoft.com/security site. Sign up for the Microsoft Security alert email service. Use windowsupdate religiously and download HFNETCHK from the Security Bulletins and Tools area on the Microsoft site. Also it is a good idea to cross check your patch updates with a free CNET service http://catchup.cnet.com. These are free sites that help make sure you don't forget anything. Keep notes on what you have installed and subscribe to the https://www.sans.org mailing lists as wells as NTBUGTRAQ. It is also a good idea to look into HID as well as using a tool such as ZoneAlarm which is free or possible Secure IIS from EEYE digital http://www.eeye.com Just a few suggestions :-) Thanks, Nate Duzenberry Information Security Services Wells Fargo Services Company +mailto:[EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 27, 2001 1:07 PM To: [EMAIL PROTECTED] Subject: hide ip address of website (no domain name) hi all i have just had a webserver 'dropped' on me to administer, and being new to administering iis5/w2k sp2, i could use some advice. i've been surfing around various security sites all day and haven't hit paydirt yet - or it could be that i'm just too new to recognize the answer and need someone to spell it out for me :) here's the most burning (currently) question i have: how can i hide the ip address in the url address line of an end users browser when someone visits my website AND hide both the ip & netbios name of my webserver from any other programs/scanners/etc ? will proxy server installed on the box or using host headers work, & if so, what do i need to do to set it up properly. here's what i got to work with: 1) server has no domain name, just an ip address 2) it serves only a single ArcIMS website & does nothing else 3) i got no firewall software or hardware at the moment (would welcome free or low cost suggestions. yes, i know you generally get what you pay for, but small, cost-recovery govt agencies have no $$ to work with) 4) we aren't using active directory and we dont have an nt domain, just a workgroup - our name server is not running a microsoft OS. 5) iis lockdown tool was installed before ArcIMS webmapping software was installed & configured. (ArcIMS uses java servlets and the viewer application uses lotsa javascript and has various communications going on between various parts of it that are not on port 80. it is notoriously easy to screw up when you're tyring to harden up your webserver, so that's always an iffy situation.) many thanks in advance for any help anyone can provide, julia
