We need your advise to protect our webserver we have webserver installed on Windows server 2008 Ent SP2, we have installed following software for protection but we are facing problem every month our server goes down because of different hacker attacks (some
strange bat files found in Windows/System32 folder and unknown users accounts created). so anyone can advise what we need to do for protection.
Windows up to date
Antivirus up to date
Internal Firewall is On with allowed specific port
here some information you can start with. You should also check the patch level of all your applications running on the web servers. If you have still doubt re-install the servers from scratch after you created a hardening profile. Some malicious software
is not detected by a Antivirus program. From external you should only allow port 80 and 443 for HTTP(S). Only install necessary features for IIS.
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.