security for server 2003

Thread: security for server 2003

  1. #1
    Registered User
    Join Date
    Mar 2004
    Posts
    7

    Question security for server 2003

    I work for a small company that recently set up 1 server 2003 (data center I think), 10 desktops and 5 laptops. Everything was set up by the accountant. I soon figured out that there is absolutely no protection. No AV, no firewall, nothing! I have been in the process of cleaning up some of the computers. Found tons of spyware/adware (613 objects on first scan with ad-aware on the worst computer) and some viruses (2 Trojans on one and 6 on another).

    I think I need something specific for the server, but am confused after looking at some of the programs available. I was looking at "Symantec Client Security Small Business Edition". Do I need just 1 license for the server and that will take care of the clients as well, or do I need a license for the server and each client? Or do I need something specific for the server and something totally different for the other computers? Or am I looking at the wrong product altogether?

    Sorry, I know very little about servers. I am not employed there as a computer guy, I just happen to know more about computers than anyone else there. Scary! I am very concerned about my own private information as well as my coworkers'.

    All desktops and laptops have XPpro.

    Please help. I have been on 2 other forums. One offered some insight, and the other didn't even get one reply.

  2. #2
    Registered User emr's Avatar
    Join Date
    Sep 2001
    Location
    Amsterdam
    Posts
    1,312
    Hi,

    Welcome to WinDrivers.

    Let's split this into categories.

    Anti Virus

    Symantec offer this product. http://www.symantec.com/smallbiz/sav_sbe/

    That should keep you safe, you can set this up on your server then deploy remotely to workstations and the virus definition updates are automatically populated to the entire network as soon as the server downloads them.

    Spyware

    What are you using to clean the spyware up? Try Spybot and Ad-aware for starters if you are not already using them.

    http://www.lavasoft.de/
    http://www.safer-networking.org/

    Firewall

    You definitely need to obtain some sort of firewall protection. What is your internet connection? I am assuming high speed of some type therefore a router would be your best bet to give you hardware firewall protection.

    Prices on these vary from around US $70 to more expensive models at hundreds of dollars. Depends on what you want to do with them. If it is just to make the connection and give you a decent bit of firewall protection then a cheap one will do. If you want to use it as a VPN server then you will have to go the more expensive road.

    That said, RRAS in W2k3 Server can do all that for you so you can always just forward the ports through the router and bingo.


    Hope this helps and I'm sure others will have a few things to add.

    Best of luck,

    emr

  3. #3
    Geezer confus-ed's Avatar
    Join Date
    Jul 1999
    Location
    In front of my PC....
    Posts
    13,087
    Sue the accountant !

    Emr's made a pretty good stab (with the info he has so far) .. he's come at it from a practical angle .. so I'll endeavour to come at it from a planning angle & ask some questions you may or mayn't have thought about


    When I see server 2003 I think 'complicated/big bucks' .. but here it sounds like the 'accountant' was just following on from what he got told (& you got 2003 server because it was latest & greatest ? & probably no other reason .. ) - & none of that was about security !

    Everybody has/needs internet access ? (nobody ever seems to think about this ! Just why are 'my' staff spending all day surfing, huh ?)

    What about policies for installing programmes on client machines, controlled access between clients - anything there - even know what on earth I'm talking about ?

    Backup regimes !?! - Yet another thing nobody seems to think about with 'security' - security isn't necessarily the issue, recovering from a 'nasty' often is - security to me is part of disaster planning - getting 'hacked' from outside usually just makes a mess - what if anything in data terms do you have 'top secret' ? (probably 1/2 a dozen things, like payroll etc) which you want isolated anyway from your main system & general staff access ... so we need to think about access policies too ..

    Like Emr quite rightly says, you can spend practically zero & be fairly safe .. or you can go 'crazy' & spend as much as you like ..

    But this isn't just about stopping outside threats, the worst 'hackers' are usually already on the inside as they work for you (so that's nosey folks & most especially 'dis-gruntled' ones ! ) -they are the biggest danger & a fancy router & some AV software etc won't/can't stop what to your network is authorised access ..

    For the guy 'not really in charge of computers' I can imagine all that is lots far more than you might have wanted - but you 'need' to think about it all ...

  4. #4
    Registered User corturbra's Avatar
    Join Date
    Oct 2000
    Location
    Just to the Right of Sanity..
    Posts
    1,424
    Quote Originally Posted by confus-ed
    Sue the accountant !
    What has she got to do with it?

  5. #5
    Registered User silencio's Avatar
    Join Date
    Sep 2000
    Location
    Savannah
    Posts
    3,960
    You can't go wrong with one of these for a small office. 10 User is around $400, 50 user $600.

    http://www.cisco.com/en/US/products/...031/index.html
    Deliver me from Swedish furniture!

  6. #6
    Registered User
    Join Date
    Mar 2004
    Posts
    7
    Hey guys, thank you for replying! Finally some answers that make sense.

    Confus-ed, the accountant should be sued. Actually, I have to give him some credit just for getting everything up and running. He just forgot or ignored security issues.

    emr, I am using ad-aware 6 free edition, spyblaster, spybot s&d and Hijackthis. All have been updated. Also doing online virus scans. My knowledge of how to read hijacker logs is limited, but I am at least able to get rid of things I know are baddies. I was already looking at the Symantec product you suggested. But I am unsure if I need to buy one for each computer including the server. Or just buy one license for the server and that will protect all.???

    Confus-ed, as far as the permissions go, I can set things up however they need to be. So any suggestions are fine. And you are right about "top-secret files", payroll and etc...


    We have DSL connection (been trying to get them to go cable). Not sure about router. All I noticed was that it is a long rectangle with approximately 20-30 connections in two rows. Gateway maybe?? Again, not sure, but will find out.

    As far as I can tell at this point, the server is just used as a file server, and the internet connection is shared through the router or gateway(sorry if my understanding of a gateway is wrong). No files are shared between client computers. Only what's on the server is shared.

    Backup?

    I do think they do a regular backup. Probably using windows backup utilities. I have mentioned more substantial means of backup (external HDD etc.), but I need to take it one step at a time. They spent well over $10,000 already. So I have to think budget. Although our personal info and not to mention crippling the business is well worth spending whatever it takes to secure things.

    Posted by confus-ed
    For the guy 'not really in charge of computers' I can imagine all that is lots far more than you might have wanted - but you 'need' to think about it all ...
    I love this stuff! I am a "geek". It was great when I had 4 laptops and 2 desktops going at the same time doing spyware/adware scans!

    Anyway, any info or suggestions are greatly appreciated. If more info is needed just say so.

    Hey guys, thanks again.

  7. #7
    Geezer confus-ed's Avatar
    Join Date
    Jul 1999
    Location
    In front of my PC....
    Posts
    13,087
    Quote Originally Posted by jlreich
    Anyway, any info or suggestions are greatly appreciated. If more info is needed just say so.

    Hey guys, thanks again.
    I'm sure you are most welcome from all of us ...

    So more info ? Well Not so much info, as trying to figure out what 'you the geek' knows about, that makes it much easier for us to 'pitch' stuff right to you .. we don't want to write big long explanations 'saying press this, type that, install this, patch that...' yada, yada, yada - that's your job or it seems to be now ! - its so much easier if you understand the theories & concepts & any you don't we can explain .. but there's no point explaining stuff you know about !

    Do you understand the concepts client server & peer to peer & a 'proper nerd' question .. do you understand what domains are as opposed to workgroups ? if we have server 2003 you better had ! or we/I need to do some clarification ! - Until I know that I shan't say any more about 'permission & access control' ..

    Backup - if you ask somebody 'geeky' about backup, they start waffling on about 'child, parent & grandparent' backups - huh ? - this is computing not happy families ! (that just refers to having points in time that you can 'rollback' to, & the system used to (hopefully) make sure you at least have a 'decent' starting point from which to recover from, should it all go wrong) - then you get to the 'disaster planning angle' - so where are our backups held & on what ? do we have enough 'incrementals' to re-build to a useful starting point (so that's not just data, that's your entire setup ! - its not much good having data that's got no operating system to run with, or one that's gonna take another two weeks for 'somebody' to re-setup 'stuff' to run it with is it ?

    You can take the 'backup' concept further .. it also applies to having redundancy built in too if you ask me .. so our file server dies - what are we gonna do now ghostbuster ? Well if you've planned right you are just gonna go 'plug in your redundant server' (that's really simplifying matters but the effect) & be up & running again in no time at all .. Beware the bean counters on this one - they'll say no you can't have machines sat there doing nothing just 'in case' - so Mr Accountant, I say how much is it worth to the company when none of this works for a while, will it make you go bust or will it just be a pain ? - that's what ought to decide .. not the bean counters !

    Christ I have 'waffle-itis' again today ! look at all that .... (not unusual ! )

    Q & A on "Routers" vs. "Gateways" -whoo-hoo ! a 'real answer' ! (instead of 'waffle')..

    As emr said you want a Firewall ! (this 'lives' like a guard on your outside connection & hopefully controls who's let in & out) - you need to clarify just what "a long rectangle with approximately 20-30 connections in two rows" is !! - so is it a router ? or just a hub ? (they are glorified 'wire-splicers' not a device like a router with an ip - a router provides protection, a hub does not !)

    & you definitely want some 'corporate' Anti-virus software, so a version that understands networks, inevitably this means a server copy & client licenses too (but you often get 'so many' client licenses 'chucked in' as what good is server software without 'client' too?).

    I think you need now to just come back to us on all the various bits you don't 'get' as I'm generating more questions than answers & I really ought to do some work that pays me !

  8. #8
    Registered User emr's Avatar
    Join Date
    Sep 2001
    Location
    Amsterdam
    Posts
    1,312
    Quote Originally Posted by jlreich
    I love this stuff! I am a "geek". It was great when I had 4 laptops and 2 desktops going at the same time doing spyware/adware scans!
    Now then it is nice to see someone willing and eager to learn these things but a word of caution to you.

    Put yourself in the "what if" scenario where someone loses data either due to bad configuration of the pc / server, etc. or you go and do a big booboo and lose something really important through trying to implement something you are unsure of.

    Believe me, having been in this game for quite some time now I really believe it is a question of trial and error and there are so many angles to consider when making even what may seem a basic change that in fact has a roll on effect throughout your network. I have a network at home that I use to test procedures and it has taught me a heck of a lot, things that I tried that have completely stuffed up. If I had done the same on a client network they would no longer be clients!

    What I am waffling on about is, is your neck going to be on the chopping board because you have kindly offered to help out the company with IT and then it goes tits up and they get mad at you?

    I would suggest the following, get an outside, qualified IT guy to come in and perform an audit of the systems and then you can present this to the management. Let them take the decision as to whether they want to entrust you with the required configs, etc.

    You need to know that there are so many pitfalls in this line of work that with only basic knowledge and being in a learning curve situation you can end up doing more damage than good.

    I don't mean to belittle your IT skills in any way, just don't want to see you come a cropper.

    If the company are serious about you looking after their machines then they should be serious about paying you a little more and considering providing you with finance to take some courses, MCSE or whatever.

    Sorry, this has turned into a Confus-ed waffle so I will leave it there. Suffice to say be careful out there!

    emr

  9. #9
    Geezer confus-ed's Avatar
    Join Date
    Jul 1999
    Location
    In front of my PC....
    Posts
    13,087
    Quote Originally Posted by emr
    ..I would suggest the following, get an outside, qualified IT guy to come in and perform an audit of the systems and then you can present this to the management. Let them take the decision as to whether they want to entrust you with the required configs, etc.

    ..I don't mean to belittle your IT skills in any way, just don't want to see you come a cropper.

    ..Sorry, this has turned into a Confus-ed waffle so I will leave it there. Suffice to say be careful out there!
    There look ! Its loads easier to edit someone else's waffle than your own !

    Go fix mine now for me too !

    Entirely correct , I'm all for 'educating' but there's a hell of a lot to 'think on' here ..

  10. #10
    Banned Ya_know's Avatar
    Join Date
    Jun 2001
    Posts
    10,692
    Although I agree with the concept of having an outside security/IT consultant come in and evaluate/setup the network, I also understand that that is going to cost! Security companies in my neck of the woods run $2k+ to do an evaluation/implementation. But that is a base price, and also doesn't include any software/hardware products which would be in addition.

    Then you don't want to cut corners here and hire someone that is going to be less than forthright with the solution...meaning they don't know their sh!t, but charge you for their services.

    That said, it is important that you weigh the options, and get some manuals for win 2k or 2003 so that you can understand what is going on here.

    What confused asked before, about whether you were on a domain structure or a workgroup...I don't know if you answered that yet, so we should be made aware of that so that we can take you forward.

    Also, is this Server 2003, or Small Business Server 2003...the difference is important.

  11. #11
    Registered User
    Join Date
    Mar 2004
    Posts
    7
    Man, never thought I could get this much help from a forum! It's almost like you guys are right in the trenches with me!

    I wasn't able to get in to look and see about the 'router' as I was working out of the office all day. But will tomorrow. If it helps, I do know that all the IP's are the same except the last set of numbers. Which I think makes it a router??. And thanks confus-ed, for the link on routers and gateways, it makes sense now. Also I will find out exactly what type of server 2003 it is.

    An outside IT consultant coming in is not an option. I don't think they are into putting out that kind of cash right now. When the accountant set everything up, he fired 2 guys they were paying $1,000 a month just to standby.

    Confus-ed, I definitely agree it's not a good idea to just go in there and change things without some thought. I have gone into admin services on the client computers and disabled some of the services that did not need to be running. Which I know some things will have to be re-enabled (like remote registry) for the corporate AV to install patches and updates. I realize my knowledge is limited, and I must be careful. I haven't done anything that I haven't done on my own computers at home (less actually). Also I realize that a business network is a different animal than a home network. If I am not sure about something I will not do it unless I know I can quickly undo it if things go wrong.

    I have been looking into some of the resources at MS website to try to better understand what is going on. These help, but I agree that I need some formal training. I was interested in MCSE (among other courses) long before this situation came about. I have also considered seeing if they would be interested in financing some courses for me. And more money!

    By Confus-ed
    its so much easier if you understand the theories & concepts & any you don't we can explain .. but there's no point explaining stuff you know about !

    Do you understand the concepts client server & peer to peer & a 'proper nerd' question .. do you understand what domains are as opposed to workgroups ? if we have server 2003 you better had ! or we/I need to do some clarification ! - Until I know that I shan't say any more about 'permission & access control' ..
    Clarification would be a good idea. I understand some things, but not well enough to explain what I know. Sorry.

    Domains and workgroups? I think workgroups are a group of computers that can interact with each other or the same files or project. And a domain is what holds said workgroup or many workgroups on a server or centralized computer. As I type this, the domains thing doesn't even sound right to me, so it is probably wrong.

    Your guidance would be very appreciated, and anything you can explain, or point me in the right direction on would be great. I am very willing to do as much research as I can on my own. Time is the only issue. I remember when my wife told her sister "he has a new girlfriend named Dell laptop". lol

    I will find out more info on the setup at work tomorrow, and will post back. Sorry if I missed any questions anyone asked, will check back in the morning, possibly late tonight.

    Thanks for your patience and kindness.

  12. #12
    Geezer confus-ed's Avatar
    Join Date
    Jul 1999
    Location
    In front of my PC....
    Posts
    13,087
    Ok so bearing in mind the 'a qualified guy would be much better to do this & don't you be getting blamed for all this if it goes wrong stuff', line of argument & bearing in mind we can only be as good as you describe it for us .. onwards !

    Clarification would be a good idea. I understand some things, but not well enough to explain what I know. Sorry.

    Domains and workgroups?


    So workgroups are peer to peer networks, with discrete points of control .. domains are client server networks with centralised control .

    So with a workgroup you can share resources as long as each user authorises it individually, with a domain because of the client server relationship you can share resources to classes or groups of users so centralised management becomes simpler .. so instead of running around setting 3 or 4 sets of passwords on different machines for one file or directory to be accessed, you could grant access all in one go for them all based on their membership of a class or group (So managers & grunts might be classes, & production & research might be groups) given the right permissions.

    Permissions are exactly what they sound like, one class 'owns' another & grants file access rights to groups, users then inherit those rights based on group membership for use based on that. So you might let all your managers in production see something as well as the grunts in research, but not everyone else ..

    You have permissions in both domains & workgroups but so much better control with a domain.

    10 machines is about the limit for a workgroup in practical terms .. but we have server 'something' so we have a domain.

    You seem to be administrator so its up to you to control all the folks permissions in our domain, & look after group policy.

    On exams - mcse is for planning & implementing as well as administering large networks - the accountant picked it already & its up that's 1/2 the stuff out the window ! - You want 'ideally' mcsa - that's about controlling more - but for this that's overkill .. go do network + instead, its only a short course, so quick & it'll tell you enough to figure everything out at a practical level, if you just need a quick boost up to speed..

  13. #13
    Registered User
    Join Date
    Mar 2004
    Posts
    7
    Quote Originally Posted by confus-ed
    Ok so bearing in mind the 'a qualified guy would be much better to do this & don't you be getting blamed for all this if it goes wrong stuff', line of argument & bearing in mind we can only be as good as you describe it for us .. onwards !

    go do network + instead, its only a short course, so quick & it'll tell you enough to figure everything out at a practical level, if you just need a quick boost up to speed..

    Understood.

    Network + sounds like what I need. And no need to spend money on expensive and long MCSE course if I don't need it right now. Although I am still interested in MCSE & MCSA.


    Confus-ed, thanks for the explanation. It definitely helps me to better understand what is going on and why.


    OK, here's what I have:

    Server 2003 Standard Edition (what it said on the login screen)

    Dell Power Connect 3324 - Which after going to Dell.com looks to be a glorified hub. Right?

    Multitech RF550VPN Route Finder - (sigh of relief) At least we have some firewall protection!

    And I was happy to see that we have a - Specialix 16 port RTA - and a - standby server and a UPS


    So what am I missing as far as security goes? Or anything else?


    Thanks for all your help.

  14. #14
    Geezer confus-ed's Avatar
    Join Date
    Jul 1999
    Location
    In front of my PC....
    Posts
    13,087
    So we have a switch (Dell Power Connect 3324) to 'distribute our traffic effectively' & a router (Multitech RF550VPN Route Finder ) hopefully positioned between our 'outside' (the internet connection) & inside (our network) which is why routers get muddled often with gateways ...

    So no doubt that confus-ed you too Switches vs. Hubs & for router vs gateway I have to engage my brain & write you an explanation as I can't google a good 'un ! ..

    A bridge is a device that connects two segments of the same network. The two networks being connected can be alike or dissimilar. Unlike routers, bridges are protocol-independent. They simply forward packets without analyzing and re-routing messages.

    A router is a device that connects two distinct networks. Routers are similar to bridges, but provide additional functionality, such as the ability to filter messages and forward them to different places based on various criteria. The Internet uses routers extensively to forward packets from one host to another. (Most routers would be better referred to as Brouters - that's a router also being a bridge - the bit we are worried about is not 'separate' networks - but 'trusted' ones !)

    & that's quite enough about that ! - if all you know is what I just told you, then a router is 'best' (it might not be at all, but if you don't know why it might not be then a router definitely is ! )

    Specialix 16 port RTA is a glorified NIC (network Interface card) - that's putting it very basically - Remote terminal adapters (pdf)

    So I've come to the conclusion that the 'accountant' is way ahead of us all & he/'whoever' has been thinking about 'stuff' but they never told you ! or they never explained it for sure .. (seems 'we' got that job ! )

    As far as what the hell do I do next to figure out if I'm secure, maybe do a port scan on yourself ? So huh ? what's a port scan then ...

    Port Scanning or sometimes its called Network probing

    Hackers look for servers using standard ports therefore which use standard services so they know which bits to attack .. a common practice is to re-map these ranges so as not to make it so easy - but I'm not so sure you are quite ready for that yet

    Ok so I armed you with most of the concepts & I think the 'accountant' did much more thinking than we gave him credit for .. so go talk to him & check now you 'understand' & see what he's got to tell you about how he might have already created permissions & access rights & user groups & classes & all that stuff I was 'waffling about' earlier already within your system ..

    Because that is where the real danger lies .. not from outside 'really' but from someone inside who actually knows what data inside is 'interesting' & where it might be
    Last edited by confus-ed; March 25th, 2004 at 04:57 AM.

  15. #15
    Registered User
    Join Date
    Mar 2004
    Posts
    7
    Thanks for the links confus-ed. They did shed some light on things for me. And the explanation of routers and bridges.

    I did a security check at Symantec, everything checked out fine, except warning about no AV software. Is that well enough or is there something more I should do?

    I went in and checked how the permissions are setup. It seems they are setup well. Read only access for those who only need to read. Full administrative access to the trusted that need it. And none to those that don't need it. He also has the groups setup accordingly, salesman, admin, workers etc. And classes as well. Also, each client has absolutely no sharing of its own files. And he has the modem to router to switch etc. Indeed he does deserve more credit than I originally gave him.

    Oh, I was mistaken about the standby server. It is a UNIX server. Leftovers from previous system that they are still using. I did suggest setting up a standby server. Even though he does a tape backup every two weeks, I told him to set it up to do it auto every night, or at least every few days. And there are two HDD on the server with one mirroring the other. So things are not at all as bad as I thought they were.

    Still need AV and a firewall. I will be purchasing at the least an AV program as soon as they figure out how much money they want to cough up. They will definitely get the AV, not sure if they will fork out the bucks for a firewall as well.

    If there are any other suggestions I will be glad to hear them.

    You have been a great help for me to understand what is going on. I have at least learned enough to know I know very little.

    Again, thanks for the help!
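
The group-based permission check described in posts #12 and #15, as an added example that is not part of the original thread: it parses an ACL listing in the layout the Windows `icacls` tool prints and works out which users can actually write to a payroll folder once group membership is applied. The `OFFICE` domain, the user names, the folder path and the listing are constructed, and the rights model is simplified to four capabilities.

```python
import re

# Inheritance markers icacls prints next to the rights; they are not rights.
FLAGS = {"OI", "CI", "IO", "NP", "I"}
# Simple-right letters mapped to the capabilities this audit cares about.
CAPS = {
    "F": {"read", "write", "delete", "change_acl"},
    "M": {"read", "write", "delete"},
    "RX": {"read"}, "R": {"read"}, "W": {"write"}, "D": {"delete"},
}


def parse_icacls(listing, path):
    """Return a list of ACE dicts from the text icacls prints for `path`."""
    aces = []
    for line in listing.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()  # first ACE shares a line with the path
        m = re.match(r"(.+?):((?:\([^()]*\))+)$", line)
        if not m:
            continue  # blank line or the "Successfully processed" summary
        tokens = {t.strip().upper()
                  for grp in re.findall(r"\(([^()]*)\)", m.group(2))
                  for t in grp.split(",")}
        caps = set()
        for t in tokens - FLAGS - {"DENY"}:
            caps |= CAPS.get(t, set())
        aces.append({"principal": m.group(1).lower(), "caps": caps,
                     "deny": "DENY" in tokens, "inherited": "I" in tokens})
    return aces


def effective_caps(user, groups, aces):
    """Capabilities `user` ends up with, given group membership.

    ACEs are applied in canonical order (explicit deny, explicit allow,
    inherited deny, inherited allow); the first ACE that mentions a
    capability decides it.
    """
    sids = {user.lower(), "everyone"} | {g.lower() for g in groups}
    ordered = sorted(aces, key=lambda a: (a["inherited"], not a["deny"]))
    allowed, decided = set(), set()
    for ace in ordered:
        if ace["principal"] not in sids:
            continue
        fresh = ace["caps"] - decided
        if not ace["deny"]:
            allowed |= fresh
        decided |= fresh
    return allowed


def unexpected_writers(directory, aces, expected):
    """Users who can write or delete but are not on the expected list."""
    expected = {u.lower() for u in expected}
    return sorted(
        user for user, groups in directory.items()
        if effective_caps(user, groups, aces) & {"write", "delete"}
        and user.lower() not in expected
    )


# Constructed sample: listing for a payroll folder, in icacls output layout.
SAMPLE_PATH = r"D:\Shares\Payroll"
SAMPLE_LISTING = r"""
D:\Shares\Payroll BUILTIN\Administrators:(OI)(CI)(F)
                  OFFICE\Admin:(OI)(CI)(M)
                  OFFICE\Salesmen:(OI)(CI)(RX)
                  OFFICE\Workers:(OI)(CI)(DENY)(W,D)
                  Everyone:(I)(OI)(CI)(M)

Successfully processed 1 files; Failed processing 0 files
"""
# Constructed directory: user -> groups (nested groups already flattened).
SAMPLE_DIRECTORY = {
    "office\\alice": ["OFFICE\\Admin"],
    "office\\bob": ["OFFICE\\Salesmen"],
    "office\\carol": ["OFFICE\\Workers"],
}

if __name__ == "__main__":
    aces = parse_icacls(SAMPLE_LISTING, SAMPLE_PATH)
    for user, groups in SAMPLE_DIRECTORY.items():
        print(user, sorted(effective_caps(user, groups, aces)))
    print("unexpected writers:",
          unexpected_writers(SAMPLE_DIRECTORY, aces, ["office\\alice"]))
```

In the sample, the inherited Everyone entry gives the salesman account write access even though its own group was granted read only, while the explicit deny keeps the workers group at read.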
