My Win2k server web site was hacked last nite, please help !

[456]

I am currently running my personal web site on my win2 advanced server with SP3 plus all the up-to-date Security patches but it was hacked last nite by a hacker. I am using my "E" drive to store all my web html files under the folder called "wwwroot", in order to increase maxium security of my web site being hacked, I have 2 quick questiosn for you guys:

Currently, for the permissions of My "wwwroor" folder on my E Drive like the following, may I know what should be the best combination ?

a. Myself (with full control)

b. Everyone (Read & Execute, Listfolder contents and Read)


In addition, do I have to ONLY add the following persmissions for security for my whole "E" drive ?

a. Myself (with full control)

b. Everyone (Read & Execute, Listfolder contents and Read)


Please advise ASAP.

[acid_burn~187]

Unfortunately changing permissions isn't enough to protect your from hacks. It may prevent hackers from defacing your website if the webserver doens' thave write access to the website directory, but there are still alot of underlying problems in IIS/IE/EXPLORER/WINDOWS that you can't fix. I'd recommend putting a firewall in front of the box,or installing firewall software. If it's just a basic webserver then the only open ports from the outside should be port 80. You will also want to use iislockd.exe (from microsoft) to tweak iis to make it more secure.

good luck.'

~Paul

[456]

Hello acid_burn~187

Thanks for your suggestion.

[bassinvader]

In TCP/IP settings you can configure ports on your nic to only allow port 80 - that should help a bit.

Its under TCP/IP Filtering in the advanced tab.

Ideally wwwroot name should be changed and aliases used - our web files are on a separate server but a second disk or partition as you are using is always recommended - never install IIS/web on the system folder. Make sure all your web files are also 'r' only in the attributes for each file - every little bit helps.

IIS lockdown tool is essential as is the windows c2 security tester.

Better still - get linux - Just downloaded Redhat v8.0 5 cd's -took 5 days but it was worth it - Apache is fantastic.