Hi,
In the near future I will be setting up my web up on a Windows 2008 server. It currently resides on a Windows 2003 server. I have Comodo Firewall version 2.4.18.184 currently setup on the Windows 2003 server. Should I be able to just copy the Comodo registry settings from the 2003 server to the 2008 server without any problems? Has anyone done this?
Anything else I should be aware of when moving from one server to the other.
Your help is greatly appreciated - it will save me a lot of time in the conversion.
Hey you got CFP 2.4 to run under 2003 server? Can you give me any hint on setting up a Win2ks R2 server?
What kind of problems are you having?
I’ve had Comodo on this server for quite a while so the original install was a previous version. I don’t know if that makes any difference or not.
What kind of problems am I not having … lol. Well I’ve been locked out of the machine twice trying to configure remote desktop, which is my only access to the machine. Now the firewall is set to allow all and I can get in but it’s basically doing nothing.
I have to configure the firewall to allow a few rules. I’m running on Windows 2003 R2 with DNS, IIS6, MSSQL 2008, PHP 5, MySQL5, ASP.net 1.1, 2.0.
Now this is a public server hosting clients sites so FTP, Mail, Web, SQL and Stats all run as client resources on the server. I have a control panel that automates provisioning resources along with bandwidth/hdd space consumption/billing.
Now I’m trying to figure out how to enable remote desktop. I assumed I could just open port 3389 for one IP but that leaves a hole. I’ve thought about running remote desktop over port80. “any ideas?”
So here’s where I begin. This machine will have 20 IP’s
first two configured as primary/secondary nameserver, two for shared hosting, one for mail. That gives me port 53 udp/tcp - in/out, port 21 tcp in/out, port 25 tcp in/out, port 110 tcp in/out, port 80 tcp in/out, port 443 tcp in/out, port 1443 in/out, port 8000 in/out, and on and on… I could go on but I won’t.
Anyways, I’m wondering if I should just install the firewall first. Set it to block all except remote desktop 3389 and then install the server components “in learn mode” then just enable the communications I want to allow. I’m actually configuring this on a dev server and wanna try and export the CFP registry rules once tested.
Am I on the right track here?
The first thing I would suggest is changing the remote desktop listening port for extra safety: Microsoft Support.
The next thing I would do is set the firewall on your router to only permit access on the ports that you need open.
I did use the learn mode initially but found that in the application monitor I still had to modify the permission to allow invisible connections on the miscellaneous tab.
I had some problems setting up Comodo to send mail via an external smtp. I’m not sure if that’s how you are sending email or not. I found that the app had to permit the external ip address as well as permitting the ip address in network monitor.
How are you configuring the 20 IPs on the same machine?
Do you have an anti-virus program running that would be restricting access too?
I see you have ASP.net set up. I ran into problems with temporary files created by the asp files. I never resolved this problem.
As far as I understand you can export the CFP registry rules to another server. This is what I was hoping to do when I upgrade to my 2008 server BUT as far as I see I can’t run Comodo on this platform. Right now I am still fighting windows installation problems and haven’t even gotten to the firewall issue yet.
Thanks for the response, oh yea 2008. I’ve been toying with this idea but hearing so many horror stories, I’ve decided to put it off. Great idea on moving remote desktop to another port.
You know one thing I haven’t been able to figure out is why the mouse, over remote desktop, flickers and changes constantly when above or over CFP. A little annoying but I guess I could live with it.
Most of the 20 ip’s are clients and tied to SSL certificates. Yea I thought about the .net applications. The bad thing is most run a type of CMS that provisions space for uploads. That should be interesting. Is there any possible way to specify a particular folder or folders that are considered safe for CFP? That would be nice. I guess adding W3WP or ASPNET as safe apps is not possible or safe.
or how bout leaving components in learn mode?
ok that was just plain stupid of me.
Anyone have any good ideas on a firewall for Windows 2003 Server?