Have my own home server based on Windows Small Business Server 2003 called Windows Home Server.

Geting whacked every 3-4 hours from b.s. client[s] connections in China trying to automatically hack into it looking for old versions of email hosting that I don't even have installed.

Got their IP's blocked with with IIS [Internet Information Services Manger], just tired of seeing the main reports of people accessing my server are hackers. Other than buying a Sonic Wall device got any ideas what to try instead of spending $400 bucks for a hardware solution?

Have my own home server based on Windows Small Business Server 2003 called Windows Home Server.

Geting whacked every 3-4 hours from b.s. client[s] connections in China trying to automatically hack into it looking for old versions of email hosting that I don't even have installed.

Got their IP's blocked with with IIS [Internet Information Services Manger], just tired of seeing the main reports of people accessing my server are hackers. Other than buying a Sonic Wall device got any ideas what to try instead of spending $400 bucks for a hardware solution?

That's normal. Not a big deal. You will never stop it.

Of course, you can always limit what IP ranges people can see your server from, but this will only stop 50% of the China guys. They will just bounce off some local machine to get to you.

The point being is, quit worrying about it.

-S

PS. And make sure you always patch! :yep:

Lots of options here. The cheapest is if you have a old desktop lying around. Build a linux kernel to have the thing run as a router with a decent IOS, and just set up your access list. If its spare box, the OS won't cost you a dime, so its free. Can't get a better price.

Second option, set up a software firewall. There is a cost for commercial good ones.

Depends on the usage your looking at - it may be best to get a real router with IOS firewall - and if your looking at lots or traffic and critical data - don't skimp and pony up for a true cisco. Their license costs for IOS are excellent - I think my last IOS update was like 6 bucks a router.

Now Subman is right, if your on the net you can use Best Practices, but there is never a guarantee.

However, if you know what the majority are looking for...... set up a honeypot and steer them to that. This way, you can track em, watch em, learn from em even, all the while they never touch the real part of your network.

I love honeypots. I use one pretty much on a consistent basis and have honestly learned ALOT about security because of them.

In response to Captain Haplo's idea - m0n0wall. Its a professional solution. Enough said.

Won't help you though. I spent years tracking and blocking and they have so many zombie machines, you cannot stop them.

What exactly are they attacking is a better question? If its your website, forget about it. You can't do a thing.

-S

What exactly are they attacking is a better question? If its your website, forget about it. You can't do a thing.
-S

Kinda disappointing to see the fifth place user being a Chinese bot sniffer to my site.

I understand your point[s]. THX guys.