LinkBack URL
About LinkBacksAny of you running server 2008 with the Windows Firewall enabled? I'll leave it turned on on my webservers I think but i'm wondering if I should just turn it off on my DC's and file servers.
Any of you running server 2008 with the Windows Firewall enabled? I'll leave it turned on on my webservers I think but i'm wondering if I should just turn it off on my DC's and file servers.
We leave it on, with no problems.
We leave it on to reduce the threat of spreading worms such as confickr
Yes I was thinking the same we currently have it turned on on all XP clients with no issues but not on our 2003 servers.
You should always have the firewall turned on and just make exceptions for the things you need, the Windows 2008 firewall has nice pre-built in exceptions for things like AD Domain Services, so leave it on and just allow the minumum through that you can.
Turning off firewalls is just asking for trouble, especially with malware such as Conficker running around.
Ideally you should have it on the clients too, with file and print sharing (between clients) disabled, this stops so much malware from spreading but most people just blanket allow file sharing to all machines regardless of whether they actually need it, which is why so many people were burned so bad with conficker.
This is coming from a lot of experience (I work for an AV vendor) sorting out Conficker/Sality etc and it may be more of a pain to set up initially and get your rules just right, but you'll be sitting nice and smug when the bloke down the road gets a file infector or conficker all over his network and yours is all nice and safe :-)
Steve.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote