Home > Ask the Security Channel Experts > Information Security Threats and Countermeasures Questions & Answers > Protecting your customer's Windows 2003 server from hackers
Ask The Security Channel Expert: Questions & Answers
EMAIL THIS

Protecting your customer's Windows 2003 server from hackers

Retired Expert - Russell Dean Vines EXPERT RESPONSE FROM: Retired Expert - Russell Dean Vines

Pose a Question
Other Security Channel Categories
Meet all Security Channel Experts
Become an Expert for this site


Security Channel Update
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


>
QUESTION POSED ON: 19 February 2007

Hackers entered my customer's Windows 2003 dedicated server. I now have McAfee Total Protection for Small Business Advanced installed. It detects some malware and Trojans, but usually only successfully deletes half of what it finds. For the others, I usually get a message that quarantine failed. The hacking occurred some months ago, and I have a feeling that something is still happening on my customer's server without my knowledge.

Should I reformat the server and reinstall to be sure that no traces are left? After the new installation, what do I have to do to better protect the server? Is there any real-time software that will show me whether or not someone is trying to hack into the server?

>

Be sure your McAfee Total Protection For Small Business is up-to-date, as some bugs have been recently fixed. But as recently as a couple of weeks ago, several reported problems remain with the software -- sometimes causing crashes, slowdowns, hangs, inability to update, etc. -- and some long-time customers are not happy with the new release and say it's not prime-time ready.

In addition, reliance on one product for bug scanning probably doesn't cut it. Even the best software only provides one level of scanning, and more than one layer is recommended.

Although I hate to say it, reformatting is probably your best course of action if you can do it without unduly inconveniencing the customer. And if I were you, I'd move to the Symantec product and add another level of spyware scanning.

As far as real-time intrusion detection, there are a lot of products that may fit your bill. Traditionally intrusion detection systems (IDS) have been a bear to implement and manage, but some products have entered the marketplace that are easier to install and use. Timberline Technologies provides a good list of IDS products. I like the PGP products, BlackICE Defender, the NetIQ product, and Strata Guard.

Based upon your requirements, get product demos and research the Web for user reports on issues and problems. And good luck!

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google



RELATED CONTENT
Information Security Threats and Countermeasures
Security for mobile broadband
Understanding smurf attacks
What are the network security risks of streaming video?
Spyware removal from computers
Malware removal without antivirus software
Threat matrix and risk analysis resources
Blade server security on a storage area network (SAN)
Blade server security hardware advice
Cross-site scripting vulnerability penetration testing
When should automated penetration testing be supplemented with manual pen testing?

Data breach and leak prevention
Data protection fueled by data leakage prevention products and services
Security channel can't ignore full-disk encryption products, services
Vulnerabilities, regulatory compliance drive data protection market
Sophos integrates encryption into endpoint, email security
Maintaining your customers' security amid layoffs
Making the case for 'live' incident response
Mass. data protection law 201 CMR 17: How to get customers ready
Data breach prevention techniques: Helping customers avoid data breaches
PGP partners with Avnet to boost channel play
Data protection services offer revenue for security solution providers

Web Server OS and Web Application security
Web application security best practices: Tips on implementation
Web application firewalls: How they can help protect customers
Web application firewall market is hot for resellers, service providers
Portcullis Systems adds HP security products to Microsoft customers
Netgear primes VARs for SMB email and Web security appliance sales
What operating systems can you best afford or support?
Why you need Web application security expertise
Despite GreenBorder acquisition, Google security plan remains unclear
Windows services locked down in Vista and Longhorn
Filter URLs to reduce information security threats

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice

HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts