Last week I was at a Microsoft TechNet evening where the speaker indicated that there may not be a feature pack for ISA Server 2004 and instead any new features will be held over for ISA Server 2006 (codenamed Wolverine). This includes network access protection (NAP) and all of the other filters, tools, etc. that did not make it into ISA Server 2004.
The issue of NAP is an interesting one as the Microsoft website indicates that this will be incorporated into Windows Server 2003 release 2.
Last week I got hacked.
I’d opened up my previously stealthed firewall to:
The trouble is that I hadn’t been carrying out the best practices that I would advocate for my enterprise clients. Despite last month’s post on securing IIS, I had just opened up the standard ports to a standard IIS server which wasn’t even in a demilitarized zone (DMZ).
I didn’t think I’d be a target for a hacker but within a few days some guys in Italy and Belgium had started abusing my FTP server to dump their files (this article from ZD Net leads me to believe that it’s a common practice). I don’t know what the contents were. I deleted them quickly to be safe and shut down the firewall until I could implement something more secure.
Thankfully, I got off lightly (this time). I checked the logs last night and my new security measures are keeping the intruders out. If you do need to provide an FTP service, you might like to read the windowsecurity.com article with 10 steps to secure an FTP server.