I'm not an expert with this by any measure, but you should be able to
open port 80 from the internet to a web server without a lot of problems
as long as you keep the server patched - after all that is how we access
our web servers. I open the port for incoming tcp, and close it to
outgoing except when I need to update Windows.
Also, I wouldn't put the server on the trusted network (lan). I would
place it in the DMZ and have it NATed, then open the appropriate ports
to the trusted network, so the Spectrum clients can access the
Be sure to monitor outgoing tcp and udp packets to catch trojans that
might get established in the DMZ or the trusted network.
Bellows Free Academy
>>> [log in to unmask] 2/4/2005 10:18:32 AM >>>
I am wondering what other schools have worked out in terms of setting
up winnebago library card catalog access over the web.
we are running winnebago/webcat on a win2000 server and I managed to
configure access across my firewall on port 80 to the internal fixed
of the win2000 server.
I should have trusted my gut and been more wary as it took only a week
for some port scanning hacker to wreak some havoc with my network.
The network is somewhat stabilized now but I am very hesitant to open
any ports or services on or to an older win2000 server. I suspect that
moving to win2003 server would be a logical first step. I told My
librarian I would put out a request for advice to see how other
might be serving their card catalogs to home users while maintaining
some security control...