Originally posted by slpc
1. Visnetic Firewall config for all ports that I need open (hosting at Server Matrix, so knowledge of their ping programs and urchin will be a plus). I also have a custom app that will need ports opened. Beyond that, just the general port stuff (ftp, http, pop, etc.)
Software Firewall on windows may do well under some circumstances. But you may be better of putting a hardware firewall (or *nix server based firewall) in front of your windows servers. I had a medium DDOS attack on one of our windows servers at about 15-25 Kpps, and I have to tell you, I don't find any software firewall that can filter out these kinds of attacks. In fact, the instant the firewall is running, the server is brought to crawl due to excessive CPU usage. Not only that, the firewall actually causes packet losses at this amount of attacks. I've tried Visnetic, InJoy, RRAS, and many others. All of these cause more troubles than solving it, at least under the DDOS attacks scenario.
Just two cents.