Web Security

Elster88
Jun 07 2008 08:45 PM

Setting up a website for a business. What sort of security precautions should I take? Should I use a completely different machine for a server? Can I have it connected to the same wireless router that all my computers are on?


What about "firewalling"? What's a good program to install?

A Boy Named Seo
Jun 08 2008 02:25 AM

A lot of this stuff depends on the size of your operation and budget, but here's my take on stuff:

What sort of security precautions should I take?
Firewall for sure, see below. The basic stuff, good root password not known by the whole office. Physically safe place where the power or network cable can't get kicked out. If you're conducting transactions on this machine where credit card stuff is stored, physical security's real important. Don't want someone being able to stick a removable drive onto the thing and copy data. Keep it in a locked, cool area.

Should I use a completely different machine for a server?
Yeah, if you can. You don't want the web server to be performing poorly because it's handling I/O as a file server or mail server or database server or whatever other stuff it's doing.

Can I have it connected to the same wireless router that all my computers are on?
I say yeah. Once it's on a network, any network, is when it can be vulnerable. I'd want my server wired, though, not running wireless, if that's what you were thinking about.

What about "firewalling"? What's a good program to install?
I don't know. I've heard of a bunch of software firewalls for Windows (like ZoneAlarm and Comodo), but I can't speak to their effectiveness protecting a server. Windows nowadays has a firewall built in, too, I think, but I don't know anything about it. Your best bet is a hardware firewall that can stop all those unsolicited packets before they ever get to your machine's interface (and a hardware firewall doesn't tie up I/O), or you can run iptables on a Linux platform, which set up through a graphical user interface isn't too difficult if you've got a little background and some gumption. If none of that's helpful, try a couple of those Windows software firewalls and get a software port scanner and run it from another machine to test.

Good luck, G.

Oh, yeah, you don't want to have to rebuild crap and scramble to recover data later on. Build a good server off the bat with redundancy. I go hardware RAID1 on mine and I back up to tape every day, too, and I have nothing anymore but useless fantasy baseball and music shit on mine.

Elster88
Jun 08 2008 07:33 AM

Thanks for the tips Seo. 90% of my concern is with attacks from the outside world. That's the stuff I've never done before.

A Boy Named Seo
Jun 08 2008 10:19 AM

Then go most restrictive at first. Use your FW to close all the ports to start with, and open up one-by-one the ones you need. That's what I did on my box, like, 3 years ago. Tighter than El Duque's cranky old calf.

You'll end up with 80 (web), 53 (DNS), and maybe a few others.

Here's a [url=http://www.iana.org/assignments/port-numbers]list[/url] you can refer to.
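
The close-everything-then-open-what-you-need approach from the last reply, sketched as an added example that is not part of the original thread: a shell function that turns an allow-list of port/protocol pairs into a default-deny ruleset in iptables-restore format. The function name gen_ruleset and the sample allow-list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): emit a default-deny inbound ruleset
# in iptables-restore format from an allow-list of port/protocol pairs.
# gen_ruleset is a hypothetical helper name.

gen_ruleset() {
    rules=""
    for spec in "$@"; do
        port=${spec%%/*}
        proto=${spec#*/}
        # Accept only <1-65535>/<tcp|udp>; a malformed entry aborts the
        # whole ruleset instead of producing a broken or overly broad rule.
        case "$port" in
            ''|*[!0-9]*|0*|??????*) echo "bad port: $spec" >&2; return 1 ;;
        esac
        if [ "$port" -gt 65535 ]; then
            echo "port out of range: $spec" >&2; return 1
        fi
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad protocol: $spec" >&2; return 1 ;;
        esac
        rules="${rules}-A INPUT -p $proto --dport $port -j ACCEPT
"
    done
    # Policies drop everything inbound and forwarded; only loopback, replies
    # to connections this host started, and the allow-list get through.
    printf '%s\n' \
        '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    printf '%s' "$rules"
    printf '%s\n' 'COMMIT'
}

# Constructed allow-list using the ports named in the thread (80 web, 53 DNS).
gen_ruleset 80/tcp 53/udp 53/tcp
```

Review the output before piping it to iptables-restore as root, and load it from a local console: the sample allow-list opens no remote administration port, so applying it over a remote session would cut that session off.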