Discussion in 'Windows Server' started by Marduuk, Sep 16, 2011.
will whs 2011 work with a 2k8r2 key?
do u get the fqdn with the trial?or is that registered only?
fully qualified domain name
like the domain name given with whs 1
yes, you do
I have heard from multiple sources that it is better to use your own domain or another service like DynDNS versus using a WHS domain simply because if an exploit is ever found where a hacker could gain access to your box within WHS 2011, they would be able to quickly hack into and steal data from thousands and thousands of end users (especially since anybody with the right permissions can log into your server and remotely control all computers on the same network that are configured in Dashboard). I use a slightly more elegant approach with my box, using DD-WRT on my Netgear WNR3500 v2 router and DynDNS. With DD-WRT installed on your router, you can easily configure it to update DynDNS with your current IP just by filling in your domain name, user name, and password. In the future, assuming somebody finds an exploit that affects WHS 2011 boxes, while they could break into any of the home server domain machines they would have to search a significant more of percentage of the internet to find your machine. Your chances of being exploited in that situation are far more unlikely.
That is very prudent advice which I had not even considered. Removing my domain now
While using another domain may make it more difficult to discover the server from outside it won't help against targeted attacks or attacks initiated from inside the network, e.g. from malware-infected machines.
Keeping the networked computers up to date in order to patch security issues, using strong passwords and encrypted connections, especially when connecting from untrusted public networks (e.g. using HTTPS, IPSec, or secure tunnels such as SSH, VPN, etc.) is more important.
Don't ever rely on DNS for providing security.
I get the feeling that I'm much more likely to be the victim of a widespread exploit than someone "targeting" me specifically. I feel much better taking myself out of the "most obvious" target pool. With that said, everything you mentioned is naturally just good internet practice IMO.