On Friday 28 January 2011 07:42 PM, Tim wrote:
On Fri, 2011-01-28 at 15:31 +0530, Jatin K wrote:
yes it is
Is there a device ahead of this that is firewalling?
yes there is a linksys ADSL router ( with basic firewall ....with only port 80 is maped to internal port 80 )
Because if you're providing a website accessible to the public, there's no doubt that someone will try to hack you.
basically that web server will be accessed by our remote branches users ( actually the web server is win2k3, our core application is published on it through IIS )
If you were doing what was discussed earlier on (putting in access and prerouting rules, to the webserver), and /that/ worked. Then changing your input policy to drop, gives you firewalling (i.e. deny everything, except the specify exception rules you put in).
there are some policy for internal networks as well ... between the internal office department ( some departments on different subnets )
I've posted some part of iptables status ( to shorten the mail ) , there are some more policies , and at the end everything is rejected.
Thnx Tim and all others for you input and suggestions