• GoDaddy Community
  • VPS & Dedicated Servers
  • VPS & Dedicated Servers

    cancel
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Highlighted

    Are GoDaddy Managed Dedicated Servers secure?

    Anyone else out there have a managed dedicated server with Godaddy?  You may want to run a port scan on your public IP to see if your firewall is blocking any ports.  I tried using the Plesk tool's firewall feature (that talks to windows firewall) to block access to my server and it said it blocked all the ports but when I ran a external scan it showed all the ports as open.  The concerning port that was left open was TCP/445 which if you remember was a part of the NSA/Shadow Brokers release a couple years ago that hacked SMB.  The main issue I see is that the servers are assigned 2 IP addresses on the same interface.  The firewall appears to be securing the internal IP address instead of the external (public) IP.  

     

    I have called Godaddy Tech support and reported it to them, and I mentioned they should be contacting all the people that use this service.  They didn't seem to interested in doing that which is why I am posting this here.  Hopefully they fix this asap or if I were you go and fix it yourself or move your service to another provider.  

     

    I decided to attach a screenshot showing the scan using a free tool with the first two octets hidden.  Capture.PNG

    3 REPLIES 3
    Highlighted
    Super User I
    Super User I

    Re: Are GoDaddy Managed Dedicated Servers secure?

    Hello @pwambach and welcome to the community. 

     

    Have you applied the appropriate Windows patch for this vulnerability (CVE-2017-0144) that you reference in the link that you attached? You can read more about this vulnerability CVE on the Microsoft website


    Very Respectfully,

    Drew Davis
    Navy Veteran and Entrepreneur | GoDaddy Pro user | "Proud to be serving others!"

    *** Please note that I offer free advice on this forum. Please feel free to give me KUDOS on this topic/discussion; mark my comment as ACCEPTED SOLUTION if you believe I've helped solved your issue. Thanks! ***
    Highlighted

    Re: Are GoDaddy Managed Dedicated Servers secure?

    Yes, I have but as you probably know any port open is vulnerable to attack.  Having a totally patched windows server connected to the internet with all ports open (no firewall implemented) is a very bad idea.  Zero days are coming out all too often and these are the ones they are telling us about.  Good hackers don't disclose their secrets.

    Highlighted
    Super User I
    Super User I

    Re: Are GoDaddy Managed Dedicated Servers secure?

    Hello @pwambach and I agree with you zero day attacks happen every day within a lot of products ie. RDP, web browsers, and so forth.

     

    Have you gone into your Windows Firewall on the server and disabled that port on your server? 


    Very Respectfully,

    Drew Davis
    Navy Veteran and Entrepreneur | GoDaddy Pro user | "Proud to be serving others!"

    *** Please note that I offer free advice on this forum. Please feel free to give me KUDOS on this topic/discussion; mark my comment as ACCEPTED SOLUTION if you believe I've helped solved your issue. Thanks! ***