Since I’m running my own server, I’m constantly working on it. Tweaking stuff, making it run better, etc. etc. Well, I decided it was time for a security upgrade. I wasn’t happy with Norton Internet Security (constantly driving me crazy with unuseful info) and I have a very good router (Draytek Vigor 2900) with an excellent built-in firewall.
So I decided to make good use of that and instead of putting my PC in the DMZ: I would use port redirection and open ports as an alternative. Thus leaving my network not open to just everything but just specific parts of it. Another complaint I had was the fact that Norton firewall was hogging the CPU of my server all the time because it was constantly acting on ‘threats’ from the network. Now, instead I let my router do the work with NAT. I do think it makes sense not to let only a software firewall do the work, but trust a bit more on the hardware.
After I forwarded all the neccesary ports and such, it turned out I could not reach my server from outside anymore! I always test this from a simple command shell account. As it turned out Norton Firewall was giving me problems. And no matter what I tried, it would not accept incoming data on any of the ports, even if I made rules that both the server program and the ports were supposed to accept connection. Let’s face it: Norton makes crappy software (see my previous post about Norton GoBack).
So I deinstalled Norton, and installed a new firewall that is much better: Sygate personal Firewall. It gives you more usefull information than Norton and it sure doesn’t hog your PC with lots of DLL’s or registry shit. All in all it’s working much smoother now and I sense that my Apache web server is much more responsive than first! Best of all: it’s FREE!
All in a days work 😉
