At 11:57 AM 10/6/99 -0200, fgbat_private wrote: >We are in way now, to install a public web server and a DNS server. What >are de advantages and disadvantages of placing this servers behind the >firewall and perform >NAT or Port forwarding, instead of using a DMZ ? I try not to let such open communication like this from outside to inside. Also, typically one cares about performance when one is setting up a web server. I like the web server outside the main firewall but behind a filtering router. Allow only web traffic from outside to the web server. I turn off all services on the firewall except the http server (and maybe a telnet or ssh server but only allow such traffic from the inside (from the main firewall), remove any user accounts, require admin with non-reusable passwords, and strip out any extra tools not needed by a web server. Then put a system monitoring program on the web server. Fred Avolio Consulting 16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US +1 410-309-6910 (voice) +1 410-309-6911 (fax) http://www.avolio.com/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:42:36 PDT