Brief summary of Vortech security measures

[tkraffty]

Hi - got a question I was sort of able to answer for a client today, but would like the definitive summary from the Vortech gurus...

What things do you do in terms of security on your web and e-mail servers?

Here's my guessed answer:

(1.) Keep up-to-date with all the latest MS server patches
(2.) Scan incoming e-mails using SpamAssasin (which is currently set to change the subject line of your messages, so you can run your own Inbox rules or e-mail filtering through your own account.
(3.) Scan the server disks for viruses every so often???

Anything else? Thanks in advance for the security summary...

[admin]

(1.) Keep up-to-date with all the latest MS server patches

A: yep its a task but we do it.. We are looking at running our own MS update site as well so the servers can update right from that. The windows 2003 boxs can do this but the 2000 boxs can not as of yet.

(2.) Scan incoming e-mails using SpamAssasin (which is currently set to change the subject line of your messages, so you can run your own Inbox rules or e-mail filtering through your own account.

A: Yep we do this already.

(3.) Scan the server disks for viruses every so often???

A: Unix servers not really, windows servers we did have norton's on them but after 6 months of it not finding any thing we got rid of it. A web server really does not get the same kind of virus as you may get in email. It could get other kinds, nimda and such. But as long as there updated you "should" be fine.

[tkraffty]

How's about scanning incoming e-mail for viruses? I'm guessing that's not part of SpamAssassin's function, and don't know what is normally done on the host/server-side in this area.

[admin]

No its not done right now, we were working on it.. I will see if we can get that going again and see if can be done with out killing the mail servers.

[DJJ]

Perhaps you should include a brief description of the physical security measures taken also?

[admin]

What do you mean physical security? You mean on the Datacenter side?

[DJJ]

Quote:

Originally posted by admin
What do you mean physical security? You mean on the Datacenter side?

Yes thats right.

[Brangwyn]

Vixen has a big whip and doesn't let anyone in the door

[DJJ]

You know it. I find that more of a deterent than the proximity cards we use here!!!

[bigdave]

Physical Security: The datacenter has, let me see, 3 doors to get in. The first uses a different key card then the other 2. Servers are in locked racks and most servers have locked cases.

Oh and spam assassin does drop common executable files that would contain viri.

Executable emails aren't even allowed into our server via email. They are dropped before SA even sees them