Problem solve Get help with specific problems with your technologies, process and projects.

Protecting your customer's Windows 2003 server from hackers

Get advice on how to protect your SMB customer's Windows 2003 server from hack attacks by using more than one scanning tool and reformtting the server.

Hackers entered my customer's Windows 2003 dedicated server. I now have McAfee Total Protection for Small Business Advanced installed. It detects some malware and Trojans, but usually only successfully deletes half of what it finds. For the others, I usually get a message that quarantine failed. The hacking occurred some months ago, and I have a feeling that something is still happening on my customer's server without my knowledge.

Should I reformat the server and reinstall to be sure that no traces are left? After the new installation, what do I have to do to better protect the server? Is there any real-time software that will show me whether or not someone is trying to hack into the server?

Be sure your McAfee Total Protection For Small Business is up-to-date, as some bugs have been recently fixed. But as recently as a couple of weeks ago, several reported problems remain with the software -- sometimes causing crashes, slowdowns, hangs, inability to update, etc. -- and some long-time customers are not happy with the new release and say it's not prime-time ready.

In addition, reliance on one product for bug scanning probably doesn't cut it. Even the best software only provides one level of scanning, and more than one layer is recommended.

Although I hate to say it, reformatting is probably your best course of action if you can do it without unduly inconveniencing the customer. And if I were you, I'd move to the Symantec product and add another level of spyware scanning.

As far as real-time intrusion detection, there are a lot of products that may fit your bill. Traditionally intrusion detection systems (IDS) have been a bear to implement and manage, but some products have entered the marketplace that are easier to install and use. Timberline Technologies provides a good list of IDS products. I like the PGP products, BlackICE Defender, the NetIQ product, and Strata Guard.

Based upon your requirements, get product demos and research the Web for user reports on issues and problems. And good luck!

Dig Deeper on Cybersecurity risk assessment and management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.